Europrivacy: The First European Data Protection Seal

Europrivacy™/® – The first European Data Protection Seal

On 12 October 2022, the EDPB (European Data Protection Board) endorsed the Europrivacy^™/® certification scheme. This is the first certification mechanism, or data protection seal, that entities can achieve to demonstrate their compliance with the GDPR (General Data Protection Regulation) and other national data privacy obligations.

This guide introduces the following key elements of Europrivacy:

• Preparing for certification.
• The certification criteria.
• The GDPR core criteria.
• Complementary contextual checks and controls.
• Technical and organisational checks and controls .
• National requirements.
• The certification process.

The Europrivacy scheme embraces a broad range of data processing operations, including new technologies such as blockchain, the Internet of Things, automated cars, smart cities and AI.

There are considerable advantages for entities that certify some, or all, of their personal data processing activities to Europrivacy:

• Demonstrate to customers, clients, employees, suppliers and other stakeholders that protection of personal data being processed is of utmost importance.
• Reduce the financial and legal risks of non-compliance with the requirements of the GDPR. Non-compliance could lead to fines of up to £17.5 million (€20 million) or 4% of total worldwide turnover, whichever is greater.
• Get peace of mind that Europrivacy checks and controls are continually updated to take into account any regulatory or legislative changes, advice and guidance from the EDPB, and changes to national and domain-specific obligations.

About the Author

Alice Turley is a knowledgeable and experienced senior governance, risk, compliance and privacy consultant with IT Governance Europe. She is a qualified data privacy, information security, risk and compliance professional, consultant and trainer, and a PCI DSS QSA (Payment Card Industry Data Security Standard Qualified Security Assessor).

Alice is highly experienced in providing solution-based advice, skilled in developing compliance, privacy and risk frameworks and assessing risk, as well as developing and executing monitoring and auditing programmes, and an expert in implementing and auditing ISO/IEC and BS standards.

She has provided consultancy on privacy information management and information security management systems across a wide range of industries in both the private and public sectors. She is a certified Europrivacy Lead Implementer and Lead Auditor.