With GDPR certification you show that you comply with privacy legislation (GDPR). Brand Compliance wrote its own standard (BC 5701) based on the legislation in order to be able to test whether the processes in your organisation in which personal data are processed comply with GDPR legislation. The General Data Protection Regulation (GDPR) has been applicable since 25 May 2018; with GDPR certification based on the BC 5701 standard you ensure that you comply with privacy legislation.
Put simply, the GDPR is a set of rules to better protect the data of European citizens. Where personal data could previously be processed unless the person in question had explicitly objected to it, this is now no longer the case. Under the new Regulation, personal data may only be processed if there is a legitimate basis for doing so or if consent has been given. By violating the law, you risk a fine imposed by the Dutch Data Authority.
BC 5701 is a Brand Compliance standard based on GDPR and provides guidance on how to correctly record processes in which you process personal data so that you can demonstrate that you comply with privacy legislation. With this standard and the associated certification process, Brand Compliance is working on a GDPR certification as required by privacy legislation.
The application for ISO 17065 accreditation has been submitted to the Dutch Accreditation Council (RVA). The preliminary investigation for this accreditation standard has been completed positively. The standard and the certification scheme have subsequently been submitted to the Dutch PData Authority, these documents are currently being assessed. After this, the follow-up investigation by the RVA will continue.
BC 5701 provides guidance to enable compliance with GDPR. It translates the complex matter into practical and clearly implementable procedures and measures. Once the standard has been implemented from A to Z within your organisation, an independent assessment can take place by an auditor. After a positive result, your organisation will receive a certificate that demonstrates that specific processes within your organisation meet the requirements imposed by the GDPR, however, this is not currently accredited.
Accredited GDPR certification
The BC 5701 standard has not yet been accredited, there are currently no other certifications or codes of conduct approved by the Dutch Data Authority. Check the website of the Dutch Data Authority for the latest status.
GDPR certification, the benefits at a glance:
- Competitive advantage. As a supplier or data processor, you will be asked whether you are GDPR-proof. With the certificate you offer certainty and confidence to your customers and suppliers, which your competitors may not be able to offer directly or as easily.
- Convenience. With one certificate you demonstrate that you meet the GDPR requirements. You don’t have to show everything every time.
- Promotional advantage. You actively demonstrate that you comply with the GDPR, which is good for your image.
- Covering risks.
For whom is certification important
GDPR applies to all organisations processing personal data of individuals within the EU and thus also applies to small organisations such as SMEs and self-employed persons. GDPR affects the entire organisation, i.e. ICT and marketing, but also HRM and other departments.