What is Europrivacy certification and how can you get it?
The European Data Protection Board has approved the first European Data Protection Seal for the certification of data processing in compliance with the requirements of Article 42.5 of the GDPR, which will be known as the “Europrivacy“.
With a recognition that covers all EU Member States – and all the corresponding Control Authorities – Europrivacy allows and guarantees data controllers the adequacy assessment and their formal certification of compliance of their data processing with the requirements of the General Regulation.
From an innovative perspective, it seeks to simplify, improve and certify the compliance of processing operations, covering both the requirements of the GDPR and of other non-EU privacy laws that pursue the same principles. It will be continuously monitored and updated by an International Council of Experts with the aim of guaranteeing users, data subjects and customers that companies that process their data and have obtained this certification will always proceed in the most efficient and appropriate manner.
Europrivacy seeks both to simplify what many consider to be the “tedious” task of complying with data protection regulations and to reduce the risk for all parties involved, allowing companies to identify possible breaches and reduce legal, financial and reputational risks.
In this line, it enables DPOs and auditors to qualify in Europrivacy’s online academy and benefit from the variety of tools and resources offered, including a community in which they can collaborate and share knowledge with other experts.
Of all the new features Europrivacy brings, the Board highlights:
- – The hybrid nature of its certification system, applicable to all types of data processing activities, while addressing sectoral and technical obligations, as well as potential risks for data subjects.
- – Its application to emerging technologies such as Artificial Intelligence, the Internet of Things and Blockchain.
- – Its extensibility to complementary national obligations, including non-EU regulations.
- – The creation of a ledger-based certificate register to authenticate certificates and prevent forgery.
- – Its innovative criteria format, readable by both humans and machines.
In addition to the aforementioned advantages offered to companies to assess the adequacy of their processing and the guarantee to the subjects that are part of them, it serves to those responsible for the correct selection of data processors and assists in the international transfers of data that they carry out.
Taking advantage of the complementary models of ISO/IEC 17065 and ISO/IEC 17021-1, the International Council of Data Protection Experts and the European Certification and Privacy Center, under the scheme of the European program “Horizon 2020”, have developed the Europrivacy so that it is compatible and applicable to a large number of data processing activities and, given its alignment with the aforementioned ISO standards, it guarantees an easy integration with the security certification of information management systems (ISO/IEC 27001).
Now, how do I get it?
The Europrivacy website provides a clear and simple process for obtaining the Seal:
- Request an offer from a qualified partner and a Europrivacy Welcome Package.
- Document your compliance with the Europrivacy criteria to reduce your risks and address any residual non-compliance that needs to be addressed.
- Choose a qualified certification body to certify your data processing.
- Assess and demonstrate your compliance with an authenticated Europrivacy certificate.
- Build confidence by maintaining and improving your compliance with our online resources, alerts and annual surveillance audits.