Europrivacy™/® is the first GDPR (General Data Protection Regulation) certification mechanism recognised as the European Data Protection Seal, as defined by Article 42 of the Regulation, in all EU member states. It enables organisations to demonstrate that their data processing activities comply with the EU GDPR and relevant national and international regulations.
The Europrivacy certification scheme was developed through the European Research Programme Horizon 2020, and co-funded by the European Commission and Switzerland.
It is managed and continually updated by the ECCP (European Centre for Certification and Privacy) in Luxembourg and its International Board of Experts in data protection, with the support of official partners such as the Italian Institute for Privacy and Data Valorisation.
It was approved by the EDPB (European Data Protection Board) as the European Data Protection Seal on 10 October 2022.
Europrivacy enables both data controllers and data processors to formally certify that their data processing activities comply with the GDPR and other relevant data protection laws.
Europrivacy certification is recognised in all 27 EU Member States and will be taken into account by the data protection authorities in the case of litigation.
To achieve certification, organisations must meet, among others, the Europrivacy core criteria, which are maintained by the ECCP and its Europrivacy International Board of Experts.
The core criteria allow organisations to assess their compliance with regard to:
Where applicable, the core criteria are supplemented with:
Certificates are valid for three years.
You can learn more about Europrivacy certification on the Europrivacy website.
Europrivacy Partner logoGRCI Law’s parent company, GRC International Group, is an official partner of the European Centre for Certification and Privacy to support the implementation of Europrivacy™/® data protection related services.
Alongside our sister companies IT Governance UK and IT Governance Europe, we offer a comprehensive range of services to organisations that wish to certify that their data protection practices comply with the EU GDPR and relevant national data protection laws.
GRCI Law is a specialist data protection, privacy, cyber risk and information security legal and compliance consultancy firm. We offer a full suite of data privacy, data protection and cyber incident response solutions to a global client base. Our clients operate in a wide range of sectors including health and social care, education, professional services, retail, technology, media and telecoms.
We only advise on data protection, privacy, cyber and information security, and associated non-reserved legal services, which means our team has sector-specific knowledge and experience, and visibility of the latest trends, best practice, developments and challenges. Our clients view us as part of their teams and we are known for our pragmatic, commercial advice.
As a Europrivacy official partner, GRC International Group has been evaluated and selected on the basis of its track record and expertise in data protection.
Only the official partners are authorised by the ECCP to deliver Europrivacy-related services. You can find a full list of official partners on the Europrivacy website.
If you would like more information about our services and what we can do to help you, please get in touch with our team of experts.