Use MessageFlow Compliance packages to meet legal requirements, security standards, and the expectations of customers, partners, and auditors. Flexible tiers – from Basic to Premium – let you tailor the scope of audits, documentation, and expert support to your operational scale and level of process maturity.
Compliance Packages:
Audits and full regulatory alignment
Service / Functionality | Basic | Extended | Premium |
|---|---|---|---|
| Audit of key (core) processes and procedures |
|
|
|
| Data center audit |
|
|
|
| Questionnaire question limit (single question, no evidence required) | 100 (or up to 2 hours) | 200 (or up to 4 hours) | Unlimited |
| Preparation of evidence for questionnaires |
|
|
|
| Priority handling of questionnaire-related tasks |
|
|
|
| Possibility to negotiate individual contractual terms (excluding DPA) z wyłączeniem DPA |
|
|
|
| Possibility to negotiate a custom DPA, including analysis of organizational and technical measures and security policies based on the Client’s template |
|
|
|
| Possibility to conduct internal audits at Vercom (online / onsite) |
|
|
|
| Possibility to conduct external audits at Vercom |
|
|
|
| Free supplier audit upon request |
|
| Once per year |
| Compliance analysis with selected legal regulations |
|
|
|
| Dedicated reports on demand |
|
|
|
| Analysis of additional appendices (e.g. security appendix) |
|
|
|
| External penetration testing upon client request |
|
|
|
| Digital Operational Resilience Act – DORA |
| Non-negotiable provisions | Negotiable contract |
FAQs
Have questions about our platform? Check answers to the most common questions.
The differences mainly concern the scope of audits, the level of involvement of the compliance team, and the type of evidence and documentation prepared. The Basic package works best for simpler structures, Extended for growing organizations, and Premium for high audit and regulatory requirements.
No. They are not mandatory, but they significantly simplify meeting legal, security, and audit requirements – especially when working with large clients, regulators, or external auditors.
Yes. Audits can be carried out online or onsite, depending on the package scope and organizational needs. Details are agreed individually.
Yes. Compliance Packages may be purchased as add-on services, or you can choose selected elements only (e.g. additional audits, analyses, or compliance questionnaire support).
Depending on the package, this may include:
- assistance with completing questionnaires,
- preparation of evidence (procedural or system-based),
- priority handling of auditor and client inquiries.
Yes. Selected packages include DPA review and negotiations, assessment of organizational and technical measures, and support with security documentation.
The packages are intended for organizations that:
- process sensitive data,
- operate in regulated environments,
- undergo client or certification audits,
- want to organize and formalize their compliance processes.