EuroPriSe Criteria

Download the EuroPriSe Criteria for certification:


Application of Criteria

EuroPriSe criteria “translate” the requirements into questions that can be answered in the context of an audit or certification. Not each and every question will be applicable to each and every product or service. The certification authority shall ensure that in any certification procedure the relevant criteria are applied and that all related questions are answered in a plausible manner, the appropriate granularity, and at a uniform and comparable level.

Legal Foundation

The latest version of the EuroPriSe criteria incorporates the new legal requirements introduced by the General Data Protection Regulation (GDPR). It integrates also other important EU regulations in relation to data protection, such as the ePrivacy Directive. In the catalogue, you will find a reference to the respective legal article and document the criterion refers to.

EuroPriSe Certification Criteria

Certification Criteria for IT Products and Services v201701

EuroPriSe's criteria catalogue v201701 for the certification of IT products and IT-based services has been operational since January 2017.

Prior to that, the previous version of the criteria catalogue had been updated. The major objective of this update was to incorporate the new legal provisions introduced by the General Data Protection Regulation as of May 25, 2018 into the previous version of the criteria catalogue. The updated criteria catalogue was presented to EuroPriSe's advisory board and published subsequently in late 2016. An overview of the most relevant changes that have been made to the criteria catalogue in light of the GDPR is available here.   

The criteria catalogue v201701 supports companies in demonstrating that their products and/or services comply with the provisions of the GDPR (cf. Art. 5(2) GDPR). This is important to companies today, since an approved certification mechanism pursuant to Art. 42 f. GDPR is not available yet.

Important Note:

EuroPriSe's criteria catalogue v201701 has not been approved pursuant to Article 42(5) GDPR and EuroPriSe GmbH has not been accredited as a certification body pursuant to Article 43 GDPR yet. Customers of EuroPriSe are instructed to indicate this clearly when making use of seals that have been granted on the basis of v201701 of the criteria catalogue (or any previous versions of this document). EuroPriSe is dedicated to receiving the approval of its certification criteria and the accreditation as a certification body in accordance with Art. 42 f. GDPR asap. 

© 2008 - 2019 | EuroPriSe GmbH - European Privacy Seal | Handelsregister-Nr. (Commercial Register No.): Bonn HRB 20387

No responsibility for the accuracy of the information. Contact | Privacy Notice | Imprint



v1.5; service function as provided in 05/2018

Qualification: IT product and IT-based service (processor service)

View the REISSWOLF f.i.t. certificate

Version of Certification Criteria


Cert. No.



24/05/2018 - 31/05/2020




Public Report

f.i.t. Short Public Report Image Image 



Im Heegen 13
22113 Oststeinbek


Access policies can be used to restrict system usage to specific times of the day and/or IP addresses to reduce the attack vector for third-party access. A user session is controlled by means of a cross-tab synchronised session countdown.


Regarding the processing of personal data on third persons by means of f.i.t., it must be highlighted that the (usually) corporate users of the service qualify as controllers whereas REISSWOLF Systems GmbH acts as a processor on behalf of the users. Customers are advised that the legitimate use of the service may require the collection of the data subject's consent and/or declaration of release from confidentiality.


REISSWOLF f. i. t. is a web-based archiving system for data storage and access. It serves the purpose of uploading, storing, managing and exchanging data in the sense of a document management system. f.i.t. is a web application that can be used with common internet browsers. 


REISSWOLF f. i. t. is primarily designed for commercial use. It is distributed by REISSWOLF Systems GmbH and operated as Software as a Service (SaaS) in a data center in Germany.

The ToE includes

  • The web-based service REISSWOLF f.i.t. (for details, please cf. the short public report)

It does not include

  • REISSWOLF f.i.t. mobile app
  • REISSWOLF f.i.t. hotfolder
  • Office module
  • Teamviewer
  • Other alternative interfaces to clients

Technical + Legal Evaluator

Ann-Karina Wrede
Innungsstraße 7
21244 Buchholz

Initial Certification: 05/2018

REISSWOLF f.i.t. provides a web-based service that enables companies to upload, store, manage and exchange data in the sense of a document management system. Users of the service are controllers in respect of personal data on third persons that is processed by means of f.i.t.. The service is designed in a way that facilitates the users' compliance with EU data protection law.



This register is kept with the utmost care. However, EuroPriSe does NOT guarantee the accuracy of information found on the Site. Your reliance on information found on the Site is at your own risk.


European Privacy Seal for REISSWOLF f.i.t.