/PRNewswire/ — The European Data Protection Board (EDPS) has taken two major decisions that will facilitate international data transfers, while strengthening the protection of personal data: It has approved the extension of Europrivacy, the European Data Protection Label of the General Data Protection Regulation (GDPR), so that it can be used in non-European countries. It also approved a specific version of the Europrivacy criteria to be used as a Mechanism for International Data Transfers under Article 46 of the GDPR.
GDPR Certification expands globally
The first decision of the EDPS authorizes the use of Europrivacy certification outside Europe. Europrivacy had already been recognized as a European Data Protection Label under Article 42 of the GDPR by companies established in EU and EEA countries. This decision allows companies subject to GDPR around the world to use this mechanism to demonstrate the compliance of their data processing activities.
A New Mechanism for International Data Transfers
The EDPS has also approved a specific version of the Europrivacy certification criteria, which can be used, in accordance with Article 46 of the GDPR, within the framework of appropriate safeguards for international data transfers. This is an important step in the operationalization of certification mechanisms for cross-border data flows. In practice, it will help businesses acting as data importers outside the EEA to demonstrate that they are complying with GDPR requirements, provided that binding and enforceable commitments are in place. This development strengthens legal certainty and promotes confidence in international data transfers.
Impact on data transfers
International data transfers are subject to increasing data protection obligations. The GDPR refers to certification 73 times. Through independent assessments and audits, it supports compliance and data transfers. Early European adopters reported that it enabled them to:
- Verify and demonstrate compliance;
- Reduce risks and build confidence;
- Simplify compliance and reduce associated costs;
- Promote compliance and make it a source of competitive advantages and revenue;
- Facilitate data transfers.
In addition, Europrivacy allows companies to:
- Extend conformity assessment to non-EU jurisdictions;
- Access online resources to support compliance and certification;
- Benefit from a global ecosystem of service providers.
Migrate to International Data Protection Certification
By making the GDPR mechanism accessible to other countries, the EDPS responds to the growing need for reliable ways to demonstrate cross-border data protection compliance. Interprivacy, the international data protection certification system approved by the IAF for global use, aligns with Europrivacy. They complement each other to support a digital economy that respects individual rights and freedoms.
Useful links
- Europrivacy : europrivacy.org
- ECCP : eccpcenter.org
- CEPD: edpb.europa.eu
- Newspaper duCEPD 1
- Newspaper duCEPD 2
- Webinar May 5 : academy.europrivacy.com/events/gdpr-certification-goes-global