On 10 October 2022 the European Data Protection Board (EDPB) issued a positive opinion for the first of its kind data protection seal. A data protection seal demonstrates a company’s compliance with the General Data Protection Regulation (GDPR). Europrivacy is the first organisation to be allowed to certify companies and issue seals under Article 42.5 GDPR.
Why would you want to obtain a seal?
There are several reasons why it is beneficial to apply and obtain a seal, including the following:
- The risks of processing activities of the applicant are identified and reduced;
- The beneficiaries of seals demonstrate and value GDPR compliance;
- Their reputation is enhanced.
What does it take to obtain the seal?
The most important actions to take are:
- Communicate your commitment through a privacy pact;
- Appoint a Data Protection Officer (DPO);
- Minimise personal data collecting, processing, retention and access;
- Take appropriate technological and organisational measures;
- Adopt adequate data protection policies and procedures, and communicate them;
- Keep your risk assessment and technological and organisational measures up to date;
- Document your compliance (processing activities, data breaches, Data Protection Impact Assessment, etc.).
Eubelius is ready to assist you in advising on whether this seal might be a suitable solution for your organisation and, if so, in guiding you through the process of obtaining the seal.