Accreditation of certification bodies under Article 43 GDPR
Guidelines 4/2018 on the accreditation of certification bodies under Article 43 of GDPR
Section 4.6 Publicly available information
The accreditation body shall in addition to the requirement in 4.6 ISO/IEC 17065/2012 require from the certification body that at minimum
-
1 all versions (current and previous) of the approved criteria used within the meaning of Article 42(5) are published and easily publicly available as well as all certification procedures, generally stating the respective period of validity;
-
2 information about complaints handling procedures and appeals are made public pursuant to Article 43(2)(d).