EuroPriSe Criteria

Download the EuroPriSe Criteria for certification:

Criteria Catalogue based on GDPR ("GDPR ready"):

Criteria Catalogue based on Directive 95/46/EC:


Application of Criteria

EuroPriSe criteria “translate” the requirements into questions that can be answered in the context of an audit or certification. Not each and every question will be applicable to each and every product or service. The certification authority shall ensure that in any certification procedure the relevant criteria are applied and that all related questions are answered in a plausible manner, the appropriate granularity, and at a uniform and comparable level.

Legal Foundation

The latest version of the EuroPriSe criteria incorporates the new legal requirements that are introduced by the General Data Protection Regulation (GDPR) which will be applicable from late May 2018. Its predecessor is built on the requirements of the General Data Protection Directive (Directive 95/46/EC). Both versions integrate also other important EU regulations in relation to data protection, such as the ePrivacy Directive. In the catalogue, you will find a reference to the respective legal article and document the criterion refers to.

EuroPriSe Certification Criteria

"GDPR Ready" Certification Criteria for IT Products and Services

EuroPriSe's "GDPR ready" certification criteria for the certification of IT products and IT-based services have been operational since January 2017.

Prior to that, the previous version of the criteria catalogue had been updated. The major objective of this update was to incorporate the new legal provisions that are introduced by the General Data Protection Regulation as of May 25, 2018 into the previous version of the criteria catalogue. The updated criteria catalogue was presented to EuroPriSe's advisory board and published subsequently in late 2016. An overview of the most relevant changes that have been made to the criteria catalogue in light of the GDPR is available here.   

The "GDPR ready" certification criteria allow companies to demonstrate that their products and/or services comply with the new provisions of the GDPR even prior to the GDPR's date of applicability. This is important for companies who are interested in being GDPR ready in good time (prior to May 25, 2018), since an approved certification mechanism pursuant to Art. 42 f. GDPR is not available yet.

Important Note:

EuroPriSe's "GDPR ready" criteria catalogue has not been approved pursuant to Article 42(5) GDPR and EuroPriSe GmbH has not been accredited as a certification body pursuant to Article 43 GDPR yet. EuroPriSe is dedicated to receiving such approval and accreditation as soon as possible. 

© 2008 - 2017 | EuroPriSe GmbH - European Privacy Seal | Handelsregister-Nr. (Commercial Register No.): Bonn HRB 20387

No responsibility for the accuracy of the information. Contact | Privacy Notice | Imprint