Unlike numerous compliance rules, SOC compliance is typically not mandatory to operate inside a provided market like PCI DSS compliance is for processing payment card info. On the whole, companies have to have a SOC audit when their shoppers request one. Your business is service provider dependent outside the EU. https://www.nathanlabsadvisory.com/iso-27701-privacy-information-management-system-pims.html
