The latest developments of data protection seals

One aspect in data protection that is regularly discussed is the benefit of a “state” data protection certification according to art. 42 and 43 GDPR. These seals are intended to be awarded by a state-accredited certification body and serve as official state-recognized GDPR compliance seal for data processors or controllers. We will collaborate with operators of state certification bodies and bring in our consulting expertise.
Since the beginning of the year, Germany has one state-accredited certification body. However, demand in the market is still low because the certification process is highly complex and time-consuming. State certification projects can take between 12 and 18 months. In 2024, German digital health applications (DiGAs) are mandated by law to obtain a state seal. There is currently no available state accreditation procedure on the market, but it is expected to be available soon.
Our experienced auditors are here to assist you, whether through consultation or auditing of your solutions within the framework of available state certification. The clear separation of consulting and certification ensures independence, integrity, and compliance with legal requirements. With over 450 certifications in the past 13 years and experience in establishing several certification bodies, our auditors have the expertise to guide you through the process of state certification.
Of course, the ePrivacyseal data protection seal can still be used as a GDPR seal. We are happy to schedule a meeting with you to inform you about the various certification options. We help you choose the seal that best fits your needs.