What is the General Data Protection Regulation?
GDPR is a regulation in European Union (EU) law on data protection and privacy in the EU and the European Economic Area (EEA). It is incorporated into UK law by the Data Protection Act 2018. It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
How do we check for conformity under GDPR?
All of our certification processes include for assessment of compliance under GDPR.
COMING SOON – Our certification scheme will be approved by the UK’s Information Commissioner’s Office – Found out more
What jurisdictions are GDPR applicable to?
Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway Poland, Portugal, Romania, Slovakia, Slovenia, Spain and Sweden.
It is also applicable to any organisation based outside of these countries, but processing data within these countries.
What standards, laws or regulations apply to GDPR?
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC General Data Protection Regulation
How do I get GDPR certified?
The first stage of gaining GDPR certification for your system is for us to undertake an Application Review in accordance with the requirements of ISO/IEC 17065:2012. There is no fee for the completion of an application review. PLEASE NOTE: You cannot apply for GDPR certification on its own through our scheme, you must be applying for another kind of certification. GDPR certification is automatically included.
During the application review:
- Define the scope of certification;
- Confirm the means available to perform all evaluation activities;
- Confirm our competence and ability to perform the certification activity;
- Confirm a plan for audit and evaluation;
- Provide an Estimated Fee for our Certification Services
Useful links about GDPR?
BECOME A TEST PURCHASER