After a close to 3 year phase of integration of the GDPR legal framework by the various stakeholders, a new GDPR phase is starting with the implementation of a compliance certification system.
Certification is a strategic issue
with more than 70 references in the GDPR
(e.g. international transfers subject to appropriate safeguards, requirements about security of processing, …). More particularly, article 42 encourages the “establishment of data protection certification mechanisms, data protection seals and marks, for the purpose of demonstrating compliance
”, while article 43 paves the way for certification bodies to deliver, renew and control certification.
is the first data protection certification mechanism
in the process for receiving official endorsement as European Seal under Article 42 of the GDPR at EU scale . Designed with the support of the European Commission in collaboration with the Swiss Ministry of Research through the H2020 European Research Programme
, it is managed and continuously updated
by the European Centre for Certification and Privacy (ECCP) in Luxembourg and its International Board of Experts in data protection.
It is closely aligned with ISO standards
and completes management system certifications
such as ISO/IEC 27001 or 27701.
De Gaulle Fleurance & Associés is the first independent French law firm
selected and qualified as Europrivacy official partner by the European Centre for Certification and Privacy.
Why a certification scheme?
Their main advantages are to:
- Identify and reduce legal and financial risks (up to 10 or 20 million euros or 2 to 4% of annual worldwide turnover: please see GDPR Certification Cost Saving Estimator available on Europrivacy Website),
- Give value to investments made over time to comply with the GDPR,
- Imply a continuous legal watch,
- Improve reputation (position of front-runner in data protection) and access to market,
- Build trust and confidence, by appearing as a trustable seller or service provider for customers, as well as a reliable data controller or processor for business partners,
- Develop competitive advantage, e.g. in bidding for public procurement contracts,
- Ease cross-border data transfer,
- All of this through a confidential process.
Your Smart Journey to GDPR Certification with De Gaulle Fleurance & Associés
We have set up a task force
specifically dedicated to Europrivacy to intervene as “implementers
” (ahead of the audit process and as a follow-up) to support and prepare our clients for certifying and maintaining the conformity
of their data processing activities, by helping them:
- Select data processing activities to be certified;
- Prepare selected data processing for certification by documenting their conformity;
- Conduct necessary remediations in case of residual non-conformities;
- Bring the selected processing activities to certification by an independent accredited Certification Body;
- Elaborate a certification plan for the remaining priority data processing to be certified;
- Access to continuous updates on European and national requirements related to personal data protection in order to maintain and enhance conformity.
When needed, these missions will be handled with the support of our good friends in other jurisdictions
for the coverage of local law specificities.
We also are privileged partners of Smart Global Governance
, the GDPR compliance tool publisher that has been selected by Europrivacy to accompany organizations in their certification project.
We are able to integrate our assistance in the scope of the platform and bring a personalized legal service to assist clients using this platform in their path towards a serene and maintained certification.
More about Smart Global Governance: https://www.smartglobalgovernance.com/fr/
Our lawyers are available at: GDPRcertification@dgfla.com
. Your main contacts:
More about our digital activities
More About Europrivacy: https://europrivacy.org/en
Europrivacy is an international trademark registered in several jurisdictions