Europrivacy has been validated by the European Data Protection Board as the first European certification mechanism for compliance with the European Data Protection Regulation. On 10 October the European Data Protection Board validated Europrivacy as the first European Data Protection Seal to certify compliance with the General Data Protection Regulation (EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data).
This approval is a milestone in European data protection regulation as it is the only one to date with European recognition that certifies compliance with the General Data Protection Regulation, allowing applicant companies to identify and reduce risks, assess and demonstrate their compliance with this Regulation. The European seal would therefore represent an added value for companies, as it would improve their reputation, image and market access.
The validation of Europrivacy as the first European Data Protection certification mechanism has been carried out under Article 42 of the Data Protection Regulation, which states: ‘1. Member States, supervisory authorities, the Board and the Commission shall promote, in particular at Union level, the establishment of data protection certification mechanisms and data protection seals and marks to demonstrate compliance with the provisions of this Regulation in the processing operations of controllers and processors. The specific needs of micro, small and medium-sized enterprises shall be taken into account…” Pursuant to the above-mentioned Article 42, and in line with paragraph 5 of the same article, the European Data Protection Board endorsed the criteria established by Europrivacy, and consequently empowered it as the first European Data Protection Seal.
what are the Europrivacy criteria?
The Europrivacy criteria by which it qualifies as the first European Data Protection Seal are, in summary, the following:
- Use of a simplified methodology applicable to all types of legal entities, whether they are small, medium or large companies, cooperatives, non-profit entities or even public sector organisations.
- Identification, assessment, reduction and prevention of legal and financial risks.
- System aimed at a wide range of different processing activities, including those related to innovative and emerging technologies such as artificial intelligence, blockchain, metaverse, etc..
- Innovative format, as it is human-readable as well as machine-readable, and under cost-time optimisation.
- Designed to be continuously updated, in order to adapt to the evolution of regulations and jurisprudence.
- Implementation of online support tools and consultations.
At AddVANTE we have been advising companies on Data Protection matters for years, and we have a team of experts in Data Protection compliance programmes, which are based on criteria and parameters in line with those established by Europrivacy.