Czech Republic: GDPR certification mechanism

19 Jan 2020

Articles 42 and 43 of the GDPR set down the requirements and potential mechanisms of data protection certification which the Member States are obliged to implement.

The purpose of certification is for a data controller or data processor, for example, a company offering services or software solutions, to demonstrate that it is compliant with the GDPR, which should therefore make its products and services more trusted by its customers and other concerned data subjects. As stated in the Recital 100 of the GDPR, the goal of certification is to make processing activities and related services more transparent.