Security
EU-hosted. EU-licensed. EU-rules.
Three layers of trust, all designed for European business reality.
Money: PSD2-licensed escrow
Trade Assurance funds are held under Mangopay's e-money-institution license, regulated by the Commission de Surveillance du Secteur Financier in Luxembourg, EU-passported. Funds sit in segregated client accounts at our partner bank, not on BLUN · Listing's balance sheet — meaning even if BLUN · Listing as a company hit hard times, your held funds are bankruptcy-remote and recoverable.
Card payments run through Stripe (PCI-DSS Level 1 certified, the highest tier). BLUN · Listing never sees full card numbers — they're tokenized at Stripe and only a token is stored.
Data: EU-only, GDPR-native
Servers in Hetzner Falkenstein (Germany) and Helsinki (Finland). No data leaves the EU. No data is sent to a US-based AI provider — every model that processes user content runs on BLUN · Listing-owned GPUs in those same EU data centers. The implication: a European business using BLUN · Listing never has to worry about US CLOUD Act exposure or non-EU subprocessor risk.
You can export everything we have on you in machine-readable JSON in one click (GDPR Article 15). You can delete it just as easily (Article 17). Every claimed listing keeps an audit log of who touched what for the last 24 months.
Communications: encrypted in transit and at rest
Inquiry messages, AI translations, dispute discussions — all encrypted at rest with rotating per-tenant keys. In transit, TLS 1.3 only (no fallback to weaker ciphers). The AI translator processes content in-memory only; we don't train any model on user content.
Account access
Email + password (bcrypt-hashed with a work factor of 12), plus optional TOTP 2FA via any standard authenticator app. SSO via SAML/OIDC is available for the Enterprise tier. Session cookies are HttpOnly, Secure, SameSite=Lax.
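An operator or auditor can check the settings stated above against what the system actually produces. The following is an added example, not BLUN · Listing's own code: it reads the cost out of a stored bcrypt hash and compares a Set-Cookie header with the stated attributes. The function names, the cookie name `session` and all sample values are constructed for illustration.

```python
import re

# bcrypt modular-crypt format: $2<a|b|y>$<2-digit cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(r"^\$2[aby]\$(\d{2})\$[./A-Za-z0-9]{53}$")
REQUIRED_COST = 12  # work factor stated on the page


def bcrypt_cost(stored_hash: str) -> int:
    """Return the cost parameter embedded in a bcrypt hash string."""
    m = BCRYPT_RE.match(stored_hash)
    if m is None:
        raise ValueError("not a bcrypt hash")
    return int(m.group(1))


def cookie_findings(set_cookie: str) -> list[str]:
    """List deviations of one Set-Cookie header from HttpOnly, Secure, SameSite=Lax."""
    attrs = {}
    for part in set_cookie.split(";")[1:]:  # first part is name=value
        key, _, value = part.strip().partition("=")
        attrs[key.lower()] = value.strip().lower()
    findings = []
    if "httponly" not in attrs:
        findings.append("missing HttpOnly")
    if "secure" not in attrs:
        findings.append("missing Secure")
    # Assumption of this example: Strict is accepted because it is stricter than Lax.
    if attrs.get("samesite") not in ("lax", "strict"):
        findings.append("SameSite is not Lax or Strict")
    return findings


def audit(stored_hash: str, set_cookie: str) -> list[str]:
    """Combine cookie findings with the bcrypt cost check."""
    findings = cookie_findings(set_cookie)
    cost = bcrypt_cost(stored_hash)
    if cost < REQUIRED_COST:
        findings.append(f"bcrypt cost {cost} is below {REQUIRED_COST}")
    return findings


# Constructed samples: the salt/digest is filler, not a hash of any real password.
GOOD_HASH = "$2b$12$" + "x" * 53
WEAK_HASH = "$2b$10$" + "x" * 53
GOOD_COOKIE = "session=abc123; Path=/; HttpOnly; Secure; SameSite=Lax"
WEAK_COOKIE = "session=abc123; Path=/; Secure; SameSite=None"

if __name__ == "__main__":
    print(audit(GOOD_HASH, GOOD_COOKIE))
    print(audit(WEAK_HASH, WEAK_COOKIE))
```

The bcrypt check needs read access to stored hashes, so it is an internal audit step; the cookie check works on any captured response header.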
Compliance status
- GDPR-ready since launch
- EU AI Act — risk-classified as Limited Risk for our agent-stack
- Mangopay license assignment in progress, scope: e-money issuance for marketplace
- SOC 2 Type II — audit scheduled Q4 2026
- ISO 27001 — gap analysis complete, certification cycle Q1 2027
Have a security question?
Coordinated disclosure or audit request? We respond within 48 hours.
security@blun.ai