Certification
Certification is a key compliance tool under the GDPR, helping to establish that a product, service, process, or data system is compliant with criteria approved by the CNIL or the EDPB.
What you need to know about certification
Certification is a compliance tool that allows professionals to communicate on their competencies in data protection or on the level of data protection of the products and services they provide.
What can be certified?
Certification can apply to an individual's skills, be awarded to a training organization, or pertain to one or more personal data processing activities carried out by a data controller or processor.
How do I get certified?
Certification must be requested from a certification body, which should be selected from the list of accredited bodies.
How to get a certification mechanism approved?
Your organization has created a certification mechanism and wishes to have its criteria approved by the CNIL (for national projects) or by the European Data Protection Board (EDPB) (for European projects).
List of approved certification mechanisms
Approved certification mechanisms are recognized by the CNIL as meeting the requirements defined by the French Data Protection Act or the GDPR.
List of accredited certification bodies
Only accredited bodies, recognized for their expertise and independence, are authorized to process certification applications for approved mechanisms.
List of certified training organisations
Certified organisations have been assessed by a certification body and successfully demonstrated compliance with the criteria of an approved certification mechanism.