Landfall

Platform Features

Regulation in,
engineering work out.
Every step auditable.

The translation layer between regulatory text and your engineering work — so legal and product speak the same language.

Context Intake

Describe your product. We map the regulations.

Answer questions about your service — audience, data practices, profiling, safety measures — and Landfall captures structured assumptions that drive obligation mapping.

  • Categorised assumptions: risk, safety, jurisdiction
  • Auditable record of every response
  • Drives AI-powered obligation suggestions
Context questionnaire showing categorised assumptions for KidLearn Academy: risk level, safety measures, parental controls, jurisdiction, profiling, and service type

Obligation Mapping

AI reads the regulation. You confirm the interpretation.

Every obligation is extracted from source text, mapped to your product context, and flagged with a rationale — ready for human review.

  • Obligation ID linked to regulation source
  • Applicability status with reviewer badge
  • Plain-language rationale for every decision
Obligation mapping table showing 15 UK AADC obligations with applicability status and rationale

Engineering Tickets

Obligations become engineering tickets. Automatically.

Each applicable obligation produces prioritised work items with acceptance criteria, priority levels, and full traceability back to the source regulation.

  • MoSCoW priority assignment (Must / Should / Could)
  • Search, filter, and bulk-select items
  • Push directly to Jira or your issue tracker
Engineering tickets with priority cards, acceptance criteria, and obligation traceability

Export & Audit

Audit-ready packages with tamper-evident integrity.

Generate comprehensive audit certification packages or machine-readable compliance contracts that live in your codebase and verify via CI/CD hooks.

  • Self-contained HTML audit packages
  • SHA-256 integrity verification
  • Compliance contracts for CI/CD pipelines
Export page with audit certification package and compliance contract options

How It Works

Four steps. Full traceability.

1

Step 1

Context Intake

A dynamic questionnaire captures your product context. Your answers determine which regulatory obligations apply to your specific situation.

Does your product target or is it likely to be accessed by users under 18?

Yes, primarily childrenYes, includes minorsNo, adults only

Does your product use algorithmic profiling or recommendations?

Yes, for contentYes, for adsNo profiling

Also covers: data collection, profiling, parental controls, content moderation, jurisdictions

2

Step 2

Obligation Mapping

Based on your context, Landfall suggests which obligations apply. You confirm, override, or flag each one — every decision requires rationale.

UK-AADC-STD-11Profiling (Switched Off)Applicable

Product uses algorithmic recommendations for minors

UK-AADC-STD-8Data MinimisationApplicable

Product collects personal data from minors

EU-DSA-ART-28Advertising to MinorsNot Applicable

Product does not display advertising

Ambiguity Detection

When regulatory text is unclear, Landfall flags it for human resolution. Choose from suggested interpretations or provide your own.

Approval Gate: Obligation Mappings
3

Step 3

Engineering Tickets

Once obligations are approved, Landfall generates engineering-ready work items. Each obligation produces multiple items covering all aspects of implementation.

Feature

Core implementation

Must

Edge Case

Boundary conditions

Should

QA Test

Verification test

Must

Logging

Audit trail

Must

Example: UK-AADC-STD-11 “Profiling (Switched Off)” generates:

FEATURE

Disable profiling for users under 18

Must

EDGE_CASE

Handle age transition (17→18)

Should

QA_TEST

Verify profiling disabled for minors

Must

LOGGING

Log profiling state changes

Must

Approval Gate: Work Items
4

Step 4

Export & Audit

Jira CSV

Import directly into Jira as issues with all fields for sprint planning.

  • Summary & Description
  • Acceptance Criteria
  • Priority & Labels
  • Obligation Reference

Markdown

Human-readable documentation for stakeholders and review.

  • Organised by Obligation
  • Full Rationale Included
  • Approval Signatures
  • Ready for Sharing

JSON Audit Bundle

Complete audit package with cryptographic integrity verification.

  • SHA-256 File Hashes
  • Complete Audit Log
  • All Decisions & Rationale
  • Submission Ready

Final Approval with Attestation

Before export, an approver reviews the complete project and provides attestation that the mappings are accurate and complete — creating a clear accountability trail for regulatory review.

Built for Regulated Products

Bridging the gap between what the law says and what your team builds.

Children's safety, online protection, AI governance — and expanding to more regulatory domains.

Full Traceability

Every work item links to an obligation, which links to specific regulation text.

Human-in-the-Loop

Ambiguities are flagged for human decision. No silent interpretations.

Integrity Verification

SHA-256 hashes on every export. Cryptographically tamper-evident.

Separation of Duties

Built-in analyst vs approver roles with multi-stage approval gates.

Jira, Linear & GitHub

Push work items directly. Sync status via webhooks. Verify contracts in CI/CD.

Immutable Audit Log

Every action logged with timestamp, user, and context.

Continuous Compliance

Point-in-time queries show compliance state at any historical date.

Evidence Collection

Automated evidence gathering via CLI. Tracks staleness and expiration.

Policy-to-Tests

Map test files to regulations. Prove coverage from law to code.

Ready to ship
with confidence?

Create your first project in minutes. Landfall reads the regulation — your team builds the product.