SOC 2 and GDPR for AI Productivity Software: An Enterprise Guide