Certification of training providers for the protection of personal data


With the rise of digital technology, the number of Internet users is constantly increasing. Every second, Internet users, whether personal or professional, leave behind a multitude of data. This information collected by the websites visited is exploited daily for sometimes unscrupulous purposes. In order to protect and reinforce the security linked to the processing of Internet users' personal data, the RGPD (General Data Protection Regulation) was introduced in 2016 and, since 2018, must be applied by all companies that process their users' data. Training organisations are no exception to this rule.

What is Certification des OF DPO certification?

Qu'est-ce que

The certification of training providers for the protection of personal data is a certification based on the CNIL's reference framework. It is a voluntary mechanism allowing training organisations to justify that their service is in line with the RGPD and the Data Protection Act. It concerns training providers who wish to enhance the content of their personal data protection training, in order to demonstrate their compliance with the CNIL's requirements. 

Its objective is to certify the quality of the actions of training providers in the protection of personal data under a single reference system. 

The characteristics

Les caractéristiques

Obtaining a certification based on the CNIL's reference system allows you, as a training provider, to obtain recognition attesting to the quality of the training you provide in this field.

Offering a training course as a certified organisation will enable you to rely on the guarantees provided by compliance with the criteria of the reference system, namely :

  • A base of skills and competences defined by the CNIL
  • Content that is regularly updated to take into account current developments in the field of data protection
  • Speakers mobilised according to their skills and their ability to meet the specific objectives of each training course (for example, a particular sector of activity, theme or personal data processing)



The certificate is valid for 3 years and has the advantage that its certification cycle is compatible with the Qualiopi certification.

Complément de texte

The main requirements of the CNIL reference framework :

The CNIL reference framework, published in December 2020, sets out all the criteria for obtaining certification, to which the training provider will have to demonstrate compliance in order to obtain certification. These criteria are divided into 8 themes:

  1. General requirements;
  2. Requirements concerning public information for proposed training;
  3. Requirements for identifying training needs and objectives;
  4. Training design requirements;
  5. Requirements for preparation and adaptation of trainings to learners;
  6. Requirements for training conditions;
  7. Trainers competency requirements;
  8. Requirements for collecting feedback and taking complaints into account.

The benefits of Certification des OF DPO

Bénéfices de cette certification

Increased customer confidence in meeting their needs and expectations

  • Progress and permanent updating of contents
  • National recognition
  • Increasing your attractiveness, satisfying your learners by giving them the keys to understanding the challenges of personal data protection, and being part of a long-term quality approach: these are the main benefits of the data protection training provider certification for which Apave Certification has certified you.

Why choose Apave

Pourquoi choisir Apave

Apave Certification, a subsidiary of the Apave Group, has solid expertise based on its many years of customer feedback over the past 150 years. Apave Certification is an independent third-party certification company that supports you in your certification processes, whether voluntary or regulatory. With the support of a network of qualified auditors and laboratories, we operate throughout France and internationally.

Apave Certification's strengths

  • A human-sized structure with an approach focused on our clients' needs
  • A network of qualified auditors and assessors, carefully selected for optimal service quality
  • A wide geographical coverage allowing a great reactivity and a control of the deadlines
  • Personalised support with the possibility of creating a customised certification or reference system.
  • Obtaining a certificate that is known and recognised at national and international level thanks to our numerous accreditations

Steps and processes

Etapes et processus

To obtain certification, Apave Certification will guide you through the 6 steps leading to the delivery of your certificate :

  1. Initial application for certification :
  2. Planning of the audit between the audited organisation & Apave Certification
  3. Initial certification audit
  4. Certification decision
  5. Issuance of the certificate
  6. Follow-up audit in accordance with the terms of the standard

Apave Certification is also accredited by COFRAC (French Accreditation Committee), as a certification body according to ISO 17024 for the Certification of Persons and Skills, accreditation no. 4-0521, available at www.cofrac.fr.

How to obtain certification : 

Certification as a data protection training provider is a voluntary process. Nevertheless, in order to apply for this certification under the best possible conditions, to facilitate its award, and to better meet the requirements of the CNIL* reference framework, it is recommended 

  • That your data protection training has already been designed and delivered
  • That your quality system has been in place for 6 months and that it has been audited internally at least once

Did you know ?

For service providers subject to the obligation of certification according to the national quality reference system (Qualiopi), this certificate is to be taken into account during the evaluation carried out to obtain certification for data protection training providers.

You want to get
more information on our certifications ?
Ask for a quote

Apave Certification's strengths

Apave Certification's services are based on 5 major areas: Management systems Skills certification (DPO...) Product certification (CB Scheme...) Services (Qualiopi) Labels / Evaluations (HS2...)

Independent third party
Apave Certification is a recognized and independent certification body specialized in certification engineering.

Apave Certification works quickly, throughout France and internationally, and keeps deadlines under control.

Apave Certification relies on a large geographical network of qualified internal and external auditors, both nationally and internationally.

Apave Certification is a flexible structure with a customer-oriented approach, which is involved in both voluntary professional certifications and regulatory and mandatory certifications.

Apave Certification, a subsidiary of the Apave group, benefits from solid expertise based on extensive customer feedback over more than 150 years.

Recognitions and accreditations
Apave Certification holds numerous accreditations and recognitions, guaranteeing our quality and technical systems and proving our competence, know-how and independence.




Toolkits and useful links

Référentiel des critères de certification CNIL
Guide de lecture des critères du référentiel
Fiche Produit
Référentiel des critères de certification