ePrivacyseal

ePrivacyseal GmbH awards the ePrivacyseal data protection seal of approval following an in-depth audit of a company's online and mobile products. The certification covers the requirements of the General Data Protection Regulation (GDPR) for digital products. The catalogue of criteria for certification is continuously being adapted to the interpretation of the GDPR and other data protection laws. In the course of our assessments, we will give you valuable tips on how you can design your business model in compliance with data protection regulations. The ePrivacyseal thus helps you to ensure secure and visible compliance with the GDPR.

Important note regarding the award of the ePrivacyseal EU on the basis of the current procedures (Art. 42 ff DSGVO): HERE.

These versions of the ePrivacyseal are available for different European markets:

 

The ePrivacyseal EU attests to a product's compliance with the list of ePrivacyseal criteria, which reflects the requirements imposed by EU data protection legislation in accordance to EU General Data Protection Regulation. This seal is not an accredited procedure within the meaning of article 42, 43 GDPR.

 

The ePrivacyseal CH attests to a product's compliance with the list of ePrivacyseal CH criteria, which reflects the requirements imposed by Swiss data protection legislation. We work closely with our Swiss legal advisers in this context.

ePrivacy adheres to all of the important certification standards:

  • Lists of criteria drawn up on the basis of applicable and recognized legal norms and imposing additional stringent requirements
  • Publication of the lists of criteria
  • Publication of the seals awarded together with a statement of the grounds for the award
  • Collaboration with accredited experts
  • Listing of the ePrivacy seal with the Data Protection Foundation (Stiftung Datenschutz)

ePrivacy's adherence to these certification standards ensures a high degree of market recognition for its seals – on the part of its customers, investors and competitors.

Certification process

  1. We will work with you in defining your business and/or specific product-related targets for the certification process, and thereby ascertain whether you wish to obtain a CH or an EU seal.
  2. In the context of a workshop, ePrivacy's experts will thoroughly and systematically examine your product in light of the applicable technical, organizational and legal requirements, and provide you with valuable information on the state of the art and on any need for optimization.
  3. Should it be necessary, you will then be given the opportunity to optimize your product from a technical standpoint or to implement improvements of a legal nature in the context of contracts or declarations of consent. ePrivacy's experts will also be happy to advise you at this stage in the process.
  4. When your product is ready to undergo a final audit, ePrivacy's accredited experts will examine it in light of the technical organizational and legal criteria stipulated in the list of ePrivacyseal criteria. Where necessary, we will recommend further measures for improvement or issue requirements to be met for the award of the seal of approval.
  5. Certification will be awarded upon the conclusion of the application process by ePrivacyseal GmbH, which will evaluate the technical report and legal opinion prepared by our experts. You will receive the certificate of approval together with our final report, at which point you will be entitled to integrate the seal logo into your website content and PR materials.

Given that the digital ecosystem is continually changing and, in particular, is a source of much technical innovation which is of relevance from a data protection perspective, the period of validity of ePrivacyseal GmbH's seals is two years. Thereafter, recertification will be necessary, however in our experience this process is significantly less onerous than the initial certification process.

    Dino Bongartz

    CEO, The ADEX | Leading Data Management Platform, Marketplace & Verification

    As a data processor that works with numerous EU and German clients, the ePrivacyseal certification and ePrivacy’s guidance has been particularly valuable.

The ePrivacyseal is applicable to the following industries and business models:

  • App providers
  • Big data applications and data providers
  • Cloud solutions
  • Connected cars
  • CRM systems
  • Digital platforms
  • eHealth
  • Face recognition/video analysis
  • Online trade/e-commerce
  • Online marketing
  • Online media
  • Real-time bidding/programmatic advertising
  • Retail marketing
  • Social media
  • Telecommunications
  • Tracking solutions
  • TV/video
  • ...

Note: The list of criteria has not yet been approved in accordance with Art. 42 para. 5 GDPR, as the relevant procedures have not yet been made available by the supervisory authorities. ePrivacyseal GmbH is therefore currently not an approved certification body within the meaning of Art. 42 para. 5 GDPR, as such an approval is currently not possible. As soon as a corresponding certification procedure is available, ePrivacyseal GmbH will submit the necessary applications. ePrivacy has been recognised as an expert inspection authority for law and technology (BDSG old version) at the Unabhängigen Landeszentrum für Datenschutz Schleswig Holstein. The applicants should not give any other impression.

Avez-vous des questions ou des recommandations pour nous?

Nous sommes ravis de recevoir vos commentaires.