Accreditation of certification bodies under Article 43 GDPR
Guidelines 4/2018 on the accreditation of certification bodies under Article 43 of GDPR
Section 7.1 General
The accreditation body shall in addition to the requirement in section 7.1 ISO/IEC 17065/2012 be required to ensure the following:
-
1 Certification bodies comply with the additional requirements of the competent supervisory authority (pursuant to Article 43(1)(b)) when submitting the application in order that tasks and obligations do not lead to a conflict of interests pursuant to Article 43(2)(b);
-
2 Notify the relevant CSAs before a certification body starts operating an approved European Data Protection Seal in a new Member State from a satellite office.