diff --git a/antora.yml b/antora.yml
index 3d9439389..b862577d9 100644
--- a/antora.yml
+++ b/antora.yml
@@ -11,6 +11,7 @@ nav:
- modules/ROOT/nav2.adoc # this is for the 'Management' link
- modules/reference/nav.adoc
- modules/contributor/nav.adoc
+ - modules/compliance/nav.adoc
- modules/ROOT/nav3.adoc # this is for the extra bits at the end of the menu
# The prerelease setting affects version sorting.
# Set to 'true' for nightly and false otherwise.
diff --git a/modules/ROOT/nav3.adoc b/modules/ROOT/nav3.adoc
index 6ad887ca3..12f9a3c21 100644
--- a/modules/ROOT/nav3.adoc
+++ b/modules/ROOT/nav3.adoc
@@ -1,5 +1 @@
* xref:release-notes.adoc[Release notes]
-* xref:product-information.adoc[]
-* xref:policies.adoc[]
-* xref:licenses.adoc[Licenses]
-* xref:export.adoc[Export Control]
diff --git a/modules/ROOT/partials/supported-kubernetes-distributions.adoc b/modules/ROOT/partials/supported-kubernetes-distributions.adoc
index 200fc245b..14451b02c 100644
--- a/modules/ROOT/partials/supported-kubernetes-distributions.adoc
+++ b/modules/ROOT/partials/supported-kubernetes-distributions.adoc
@@ -1,10 +1,10 @@
-* xref:kubernetes/eks.adoc[]
-* xref:kubernetes/aks.adoc[]
-* xref:kubernetes/gke.adoc[]
-* xref:kubernetes/ionos-managed-k8s.adoc[]
-* xref:kubernetes/ionos-managed-stackable.adoc[]
-* xref:kubernetes/kind.adoc[]
-* xref:kubernetes/microk8s.adoc[]
-* xref:kubernetes/openshift.adoc[]
-* xref:kubernetes/suse-k3s.adoc[]
-* xref:kubernetes/suse-rancher.adoc[]
+* xref:ROOT:kubernetes/eks.adoc[]
+* xref:ROOT:kubernetes/aks.adoc[]
+* xref:ROOT:kubernetes/gke.adoc[]
+* xref:ROOT:kubernetes/ionos-managed-k8s.adoc[]
+* xref:ROOT:kubernetes/ionos-managed-stackable.adoc[]
+* xref:ROOT:kubernetes/kind.adoc[]
+* xref:ROOT:kubernetes/microk8s.adoc[]
+* xref:ROOT:kubernetes/openshift.adoc[]
+* xref:ROOT:kubernetes/suse-k3s.adoc[]
+* xref:ROOT:kubernetes/suse-rancher.adoc[]
diff --git a/modules/ROOT/partials/tested-kubernetes-distributions.adoc b/modules/ROOT/partials/tested-kubernetes-distributions.adoc
index 7f486eeb6..8267cd937 100644
--- a/modules/ROOT/partials/tested-kubernetes-distributions.adoc
+++ b/modules/ROOT/partials/tested-kubernetes-distributions.adoc
@@ -1,7 +1,7 @@
-* xref:kubernetes/huawei-cloud.adoc[]
-* xref:kubernetes/ibm-cloud.adoc[]
-* xref:kubernetes/ovh-mks.adoc[]
-* xref:kubernetes/plusserver.adoc[]
-* xref:kubernetes/ske.adoc[] (with the exception of missing public NodePorts)
-* xref:kubernetes/vmware_tanzu.adoc[]
-* xref:kubernetes/oke.adoc[]
+* xref:ROOT:kubernetes/huawei-cloud.adoc[]
+* xref:ROOT:kubernetes/ibm-cloud.adoc[]
+* xref:ROOT:kubernetes/ovh-mks.adoc[]
+* xref:ROOT:kubernetes/plusserver.adoc[]
+* xref:ROOT:kubernetes/ske.adoc[] (with the exception of missing public NodePorts)
+* xref:ROOT:kubernetes/vmware_tanzu.adoc[]
+* xref:ROOT:kubernetes/oke.adoc[]
diff --git a/modules/ROOT/assets/images/full_support_scenario_1.png b/modules/compliance/images/full_support_scenario_1.png
similarity index 100%
rename from modules/ROOT/assets/images/full_support_scenario_1.png
rename to modules/compliance/images/full_support_scenario_1.png
diff --git a/modules/ROOT/assets/images/full_support_scenario_2.png b/modules/compliance/images/full_support_scenario_2.png
similarity index 100%
rename from modules/ROOT/assets/images/full_support_scenario_2.png
rename to modules/compliance/images/full_support_scenario_2.png
diff --git a/modules/ROOT/assets/images/maintenance_phase.png b/modules/compliance/images/maintenance_phase.png
similarity index 100%
rename from modules/ROOT/assets/images/maintenance_phase.png
rename to modules/compliance/images/maintenance_phase.png
diff --git a/modules/ROOT/assets/images/product_release_cycle.png b/modules/compliance/images/product_release_cycle.png
similarity index 100%
rename from modules/ROOT/assets/images/product_release_cycle.png
rename to modules/compliance/images/product_release_cycle.png
diff --git a/modules/compliance/nav.adoc b/modules/compliance/nav.adoc
new file mode 100644
index 000000000..03c6bf80d
--- /dev/null
+++ b/modules/compliance/nav.adoc
@@ -0,0 +1,6 @@
+* xref:index.adoc[Compliance]
+** xref:product-information.adoc[]
+** xref:policies.adoc[]
+** xref:licenses.adoc[Licenses]
+** xref:export.adoc[Export Control]
+** xref:cra.adoc[CRA]
diff --git a/modules/compliance/pages/cra.adoc b/modules/compliance/pages/cra.adoc
new file mode 100644
index 000000000..94264173e
--- /dev/null
+++ b/modules/compliance/pages/cra.adoc
@@ -0,0 +1,57 @@
+= Cyber Resilience Act (CRA)
+
+NOTE: The https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32024R2847[Cyber Resilience Act (CRA)] is a European regulation that establishes cybersecurity requirements for products with digital elements placed on the EU market.
+It aims to ensure that hardware and software products are designed, developed, and maintained with adequate cybersecurity throughout their lifecycle.
+
+This will be expanded over time.
+
+== Target Audience & Content
+
+This page serves as a central hub for
+
+* users of the Stackable Data Platform (SDP),
+* market surveillance authorities,
+* and the https://single-market-economy.ec.europa.eu/single-market/goods/building-blocks/market-surveillance/organisation/adcos_en[Administrative Cooperation Group] (AdCo) established in Article 52(15)
+
+to find all information mandated by the CRA in a single and central place.
+
+== Stackable Data Platform (SDP) classification
+
+The CRA defines multiple product categories that determine the conformity assessment procedure.
+We consider the Stackable Data Platform to be a default product (not Important or Critical).
+This means we perform a self-assessment of conformity rather than requiring third-party certification.
+
+== Annex II: Information and instructions to the user
+
+Annex II of the CRA specifies information that manufacturers must provide to users.
+The following items correspond to the numbered requirements in Annex II:
+
+. **Contact Information**: You can find all our contact information on our homepage in the https://stackable.tech/en/imprint/[imprint] section.
+
+. **Vulnerability Disclosure**: Please see our https://stackable.tech/en/vulnerability-disclosure-policy/[Vulnerability Disclosure Policy] for all information on how to report vulnerabilities in a coordinated way.
+
+. **Product Identification**: The Stackable Data Platform (SDP) is a Kubernetes-based data platform for operating data applications.
+All our images are tagged and contain annotations to identify the product versions.
+Additional documentation will follow.
+
+. **Intended Purpose and Security Properties**: Information about the intended purpose of SDP, the security environment, essential functionalities, and security properties will be documented here.
+
+. **Known Cybersecurity Risks**: Information about known or foreseeable circumstances that may lead to significant cybersecurity risks will be documented here.
+
+. **EU Declaration of Conformity**: The internet address at which the EU declaration of conformity can be accessed will be provided here when available.
+
+. **Security Support and Support Period**: Please see our xref:policies.adoc[Lifecycle policies] for information on the type of security support offered and the support duration, including the period during which vulnerabilities will be handled and security updates provided for the Stackable Data Platform and the included products.
+
+. **Security Instructions**: Detailed instructions on the following topics will be documented here:
++
+--
+* Necessary measures during initial commissioning and throughout the product lifetime to ensure secure use
+* How changes to the product can affect data security
+* How to install security-relevant updates
+* Secure decommissioning of the product and secure removal of user data
+* How to manage automatic security update settings
+* Information for integrators on cybersecurity requirements (where applicable)
+--
+
+. **Software Bill of Materials (SBOM)**: We provide https://sboms.stackable.tech/[SBOMs] for all container images in the Stackable Data Platform.
+Please see our xref:guides:viewing-and-verifying-sboms.adoc[SBOM documentation] for information on how to access, view, and verify SBOMs.
diff --git a/modules/ROOT/pages/export.adoc b/modules/compliance/pages/export.adoc
similarity index 97%
rename from modules/ROOT/pages/export.adoc
rename to modules/compliance/pages/export.adoc
index 2512735e3..802d0ad16 100644
--- a/modules/ROOT/pages/export.adoc
+++ b/modules/compliance/pages/export.adoc
@@ -1,4 +1,5 @@
= Export Control
+:page-aliases: ROOT:export.adoc
:description: Stackable Data Platform is exempt from US EAR export controls due to its publicly available status and use of standard encryption. Code is open source on GitHub.
== USA
diff --git a/modules/compliance/pages/index.adoc b/modules/compliance/pages/index.adoc
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/ROOT/pages/licenses.adoc b/modules/compliance/pages/licenses.adoc
similarity index 98%
rename from modules/ROOT/pages/licenses.adoc
rename to modules/compliance/pages/licenses.adoc
index d98fd2c76..97e27d1ef 100644
--- a/modules/ROOT/pages/licenses.adoc
+++ b/modules/compliance/pages/licenses.adoc
@@ -1,4 +1,5 @@
= Licenses for the Stackable Data Platform
+:page-aliases: ROOT:licenses.adoc
:description: Find licenses for all Stackable Data Platform components available on GitHub including operators, stackablectl, and Docker images.
The Stackable Data Platform is open source, and the source code of all the components can be found on GitHub. Licenses are also provided alongside the source code, in a file called `LICENSE`.
diff --git a/modules/ROOT/pages/policies.adoc b/modules/compliance/pages/policies.adoc
similarity index 99%
rename from modules/ROOT/pages/policies.adoc
rename to modules/compliance/pages/policies.adoc
index 18cb2e2f8..844568607 100644
--- a/modules/ROOT/pages/policies.adoc
+++ b/modules/compliance/pages/policies.adoc
@@ -1,4 +1,5 @@
= Lifecycle policies
+:page-aliases: ROOT:policies.adoc
:description: Detailed lifecycle policies for Stackable Data Platform, covering SDP, CRD versioning, product support, and compatibility with Kubernetes & OpenShift.
This page details lifecycle policies for the Stackable Data Platform (SDP).
diff --git a/modules/ROOT/pages/product-information.adoc b/modules/compliance/pages/product-information.adoc
similarity index 95%
rename from modules/ROOT/pages/product-information.adoc
rename to modules/compliance/pages/product-information.adoc
index 4824b09d2..3857786c9 100644
--- a/modules/ROOT/pages/product-information.adoc
+++ b/modules/compliance/pages/product-information.adoc
@@ -1,4 +1,5 @@
= Product information
+:page-aliases: ROOT:product-information.adoc
:description: Learn about concrete specifications of the Stackable Data Platform (SDP) as a product, which components are
included, how they are supplied and which external dependencies exist that you as a customer need to take care of.
@@ -39,7 +40,7 @@ functionality for managing and control SDP: xref:commons-operator:index.adoc[Com
xref:secret-operator:index.adoc[Secret] and xref:listener-operator:index.adoc[Listener] Operator.
The pages linked above also detail the use cases and features supported by each component. You can find additional
-information in the xref:release_notes.adoc[release notes]. Refer to the xref:operators:supported_versions.adoc[list of
+information in the xref:ROOT:release_notes.adoc[release notes]. Refer to the xref:operators:supported_versions.adoc[list of
supported product versions] to find out which product versions are supported.
@@ -106,16 +107,16 @@ components.
A Kubernetes cluster is required to install the Stackable Data Platform.
The supported Kubernetes versions for each platform release can be found here:
-xref:release-notes.adoc[SDP Release notes]
+xref:ROOT:release-notes.adoc[SDP Release notes]
There are various Kubernetes distributions.
The following distributions are supported for a production setup of the Stackable Data Platform:
-include::partial$supported-kubernetes-distributions.adoc[]
+include::ROOT:partial$supported-kubernetes-distributions.adoc[]
These Kubernetes distributions are not officially tested by us but based on community feedback have been known to work. Some might require extra steps, please refer to the detailed pages for more information. Please contact us if you're interested in official support for any of these:
-include::partial$tested-kubernetes-distributions.adoc[]
+include::ROOT:partial$tested-kubernetes-distributions.adoc[]
=== Product specific dependencies
diff --git a/supplemental-ui/partials/navbar.hbs b/supplemental-ui/partials/navbar.hbs
index 81cd2d2a8..768d05d4e 100644
--- a/supplemental-ui/partials/navbar.hbs
+++ b/supplemental-ui/partials/navbar.hbs
@@ -69,12 +69,27 @@