First Data Protection Seal approved by EDPB
First Data Protection Seal approved by EDPB
The European Data Protection Board(EDPB) has concluded that the criteria used for the issuance of the Europrivacy Certification Data Protection Seal are in compliance with the GDPR. Following its approval, the EDPB published Opinion 28/2022.
The relevant aspect of this news is that this Opinion results in a common European Data Protection Seal and represents a great step, albeit voluntary, towards greater compliance with the Data Protection Regulations for all companies in Spain. of the Data Protection Regulation, of all the companies also in Spain.
The EDPB shall register the Europrivacy certification mechanism in the public register of certification mechanisms, seals and data protection marks in accordance with Article 42. 8 of the GDPR.
Eurprise previously sought to have its Seal approved by the EDPB, but they concluded that its certification mechanism and criteria could lead to inconsistent application of the GDPR and that changes were needed (a total of 45 changes and recommendations), as published in Opinion 25/2022.
Penalty for using seals or certificates of compliance with the RGPD and LOPD.
We remind that the issuance of Seals or Certificates of Compliance cannot be issued by any “expert” data protection consultant, because as established in Article 73 letter x), of the new LOPD, on the acts considered as Serious Infringements:
“The use of a data protection seal or certification that has not been granted by a duly accredited certification body or in the event that the validity of the same has expired.”
So we recommend those companies or professionals who intend to comply with the Data Protection Regulation, to stay away from those consultants who offer badges, seals or certificates that prove they are complying with the RGPD and the LOPD, if they do not want to commit a serious infringement punishable up to 10 million euros or 2% of the turnover of the last year (whichever is greater).
Legal certification mechanisms
According to Article 57.1 letter n) and 58 letter e) of the GDPR, only the supervisory authorities of each country are attributed the functions of approving the criteria and mechanisms for data protection certification, as well as issuing data protection seals and marks.
In this regard, Article 39 of the LOPD-GDD, designates the National Accreditation Entity (ENAC), for the authorization of certification institutions and so far there is no accredited institution in Spain to issue such certifications.
Perhaps in the future a data protection seal will be presented from Spain, although given that this first data protection seal approved by the EDPB is valid in all EU member states, it seems unlikely.
Europrivacy certification mechanism
Europrivacy Certification‘s certification mechanism is a general scheme that addresses a wide range of different personal data processing operations performed by both Controllers and Processors in various sectors.
The scheme includes specific criteria that make it scalable and applicable to specific processing operations or sectors of activity.
Business Adapter® at your service
If you need more information or want us to help you to comply with the European and Spanish data protection regulations(RGPD + LOPD) to which any company or professional is obliged, contact us by email: info@businessadapter.es, you can also call 96 131 88 04, or leave your message in this form:
[su_button url=”https://businessadapter.es/contacto” target=”blank” background=”#f6f903″ color=”#181818″ size=”7″ center=”yes” icon_color=”#000000″]Contact us, we will be pleased to help you.[/su_button]