Certification and identifying certification criteria in accordance with Articles 42 and 43 of the GDPR
Guidelines 01/2018 on certification and identifying certification criteria in accordance with Articles 42 and 43 of the GDPR
ANNEX 1: TASKS AND POWERS OF SUPERVISORY AUTHORITIES IN RELATION TO CERTIFICATION IN ACCORDANCE WITH THE GDPR
|
Provisions |
Requirements |
Tasks |
Article 43(6) |
Requires the supervisory authority to make public the criteria referred to in Article 42(5) in an easily accessible form and transmit them to the Board. |
Article 57(1)(n) |
Requires the supervisory authority to approve certification criteria pursuant to Article 42(5). |
|
Article 57(1)(o) |
Provides that where appropriate (i.e. where it issues certification), it shall carry out a periodic review of certification issued in accordance with Article 42(7). |
|
Article 64(1)(c) |
Requires the supervisory authority to communicate the draft decision to the Board, when it aims to approve the criteria for certification referred to in Article 42(5). |
|
Powers |
Article 58(1)(c) |
Provides that the supervisory authority has the power to carry out reviews of certification pursuant to Article 42(7); |
Article 58(2)(h) |
Provides that the supervisory authority has the power to withdraw or order the certification body to withdraw certification or order the certification body not to issue certification. |
|
Article 58(3)(e) |
Provides that the supervisory authority has the power to accredit certification bodies |
|
Article 58(3)(f) |
Provides that the supervisory authority has the power to issue certification and approve certification criteria. |
|
Article 58(3)(e) |
Provides that the supervisory authority has the power to accredit certification bodies. |
|
Article 58(3)(f) |
Provides that the supervisory authority has the power to issue certification and approve certification criteria. |