Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Poland: UODO announces voluntary certificate of GDPR compliance
On December 8, 2023, the Polish data protection authority (UODO) announced new provisions allowing companies to obtain voluntary industry certificates confirming compliance with the General Data Protection Regulation (GDPR) standards in personal data processing. In particular, the UODO approved additional requirements for accrediting certifying entities, paving the way for verification of compliance by controllers and processors.
What is the certification process?
The certification process involves the following:
- accreditation will be performed by entities accredited by the Polish Center for Accreditation (PCA) based on the ISO/IEC 17065/2012 standard and additional requirements set by the UODO;
- certification mechanisms, including criteria, are expected to be developed by entities seeking certification, tailored to industry specifics;
- accreditation under specific certification mechanisms, following the creation of market-driven certification criteria, will be conducted by the PCA; and
- the certification criteria must receive approval from the relevant supervisory authority or the European Data Protection Board (EDPB).
Furthermore, the UODO noted that more information on the certification can be found on its website. The UODO also mentioned that the first webinar in the 'Data Protection Certification' series is scheduled for December 12, 2023.
You can read the press release, only available in Polish, here.