The Europrivacy Community and Resources website gathers all relevant information and documents to reduce your risks and to document, check, certify, and value your compliance with data protection regulations. To access these documents and resources, you must have subscribed to the community.

If you are alreadey subscribed, please log in. Otherwise, you are welcome to subscribe through the homepage.

How does Europrivacy compare to other certification schemes?

The Europrivacy certification scheme is quite comprehensive compared to other certification schemes.

It provides 212 criteria encompassing 663 requirements,^[1] including complementary domain-specific and technology-specific requirements. If we add the checks and controls of the Application and Target of Evaluation – Preliminary Checks and Controls, the Documentation Checklist and the Certificate Publication Checklist, we reach a total of 284 criteria and controls encompassing a total of 788 specific requirements. As a comparison with mainstream cybersecurity certification schemes, ISO/IEC 27001 specifies 114 criteria (Annex A) and ISO/IEC 27701 specifies 31 criteria for the data controller (Annex A) and 18 criteria for the data processors (Annex B).

Europrivacy has been designed according to the GDPR requirements to enable a comprehensive and reliable assessment of legal compliance of data processing activities as required by Art. 42 GDPR.

It has been researched to be easily extensible to complementary national obligations, as well as to address emerging technologies and domain specific risks for the data subjects with specialized complementary requirements. This grants it the necessary flexibility to adequately assess a large diversity of data processing. Europrivacy complies with both ISO/IEC 17065 and 17021-1 requirements and has been optimised to support joint and composed certifications.

Compared to other schemes, Europrivacy benefits from continuous monitoring of the European and national regulations and jurisprudence by an international board of experts in order to keep it aligned with the evolution of the legal and normative environment. Europrivacy also provides a unique approach of ecosystem and community building with a collaborative knowledge basis to support GDPR compliance that is shared with the Europrivacy implementers and auditors.

[1] Europrivacy criteria are often composed of several requirements identified by distinct identifier (i.e., a.1, a.2, b.1, etc.). Each applicable requirement has to be assessed and validated.