Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Poland: UODO announces voluntary certificate of GDPR compliance

On December 8, 2023, the Polish data protection authority (UODO) announced new provisions allowing companies to obtain voluntary industry certificates confirming compliance with the General Data Protection Regulation (GDPR) standards in personal data processing. In particular, the UODO approved additional requirements for accrediting certifying entities, paving the way for verification of compliance by controllers and processors.

What is the certification process?

The certification process involves the following:

  • accreditation will be performed by entities accredited by the Polish Center for Accreditation (PCA) based on the ISO/IEC 17065/2012 standard and additional requirements set by the UODO;
  • certification mechanisms, including criteria, are expected to be developed by entities seeking certification, tailored to industry specifics;
  • accreditation under specific certification mechanisms, following the creation of market-driven certification criteria, will be conducted by the PCA; and
  • the certification criteria must receive approval from the relevant supervisory authority or the European Data Protection Board (EDPB).

Furthermore, the UODO noted that more information on the certification can be found on its website. The UODO also mentioned that the first webinar in the 'Data Protection Certification' series is scheduled for December 12, 2023.

You can read the press release, only available in Polish, here.