"Engagement RGPD*" Label
The General Data Protection Regulation "GDPR" (RGPD in French) came into force on 25 May 2018. Companies, administrations and associations that process personal data as part of their activities must control the legal risks related to the personal data of their stakeholders (employees, customers, users, etc.) and meet their customers' requirements.
What is "Engagement RGPD" label ?
The "Engagement RGPD" label is intended for all organisations wishing to highlight their commitment to data protection regulations.
The aim of this label is to make the implementation of a GDPR compliance process more accessible and to turn a regulatory constraint into an opportunity for companies to stand out and to enhance their activity.
Created by two key players in the field of compliance, the "Engagement RGPD" label is the guarantee of making the GDPR a strong selling point for your business.
At the initiative of Michel ROUSSEAU, founder and manager of the franchise Agence RGPD, the label is today led by two complementary players:
- The Agence RGPD manages your compliance and its maintenance and prepares you to obtain the label
- Apave Certification audits your entity to obtain the label on the basis of three "levels"
Who should attend "Engagement RGPD" label
The label is intended for all public or private entities wishing to promote and demonstrate the implementation of the GDPR within their organisation.
The "Engagement RGPD" label is based on more than 100 evaluation criteria and evaluates 3 types of processing: HR processing, processing related to the website and processing related to the business activities of the assessed company.
What are the prerequisites for obtaining the "Engagement RGPD" label?
The following are prerequisites for obtaining the "Engagement RGPD" label:
- Absence of sanctions by the CNIL or any other organsation in the last 12 months
- Absence of accusation or recognition of responsibility for ethical violations or unethical business practices in the last 5 years
- Have a DPO or an internal GDPR advisor
- Have formalised an internal process for compliance with the GDPR
The admissibility of the application will depend on the satisfaction of the following alternative conditions:
- The applicant has undergone training in preparation for the current version of the label with at least the following characteristics:
- The main issues of the GDPR
- Presentation of the reference system criteria (specifications)
- Explanation of the labelling process (labelling guide)
- The applicant has been brought into compliance with the objective of their DPO, who has followed said training to prepare for the current version of the label, obtaining the label.
The "Engagement RGPD" label can be obtained in 3 performance levels:
- Bronze: as soon as 100% of mandatory criteria, 25% of recommended criteria and 0% of bonus criteria are met
- Silver: as soon as 100% of mandatory criteria, 50% of recommended criteria and 25% of bonus criteria are met
- Gold: upon achieving 100% of mandatory criteria, 75% of recommended criteria and 50% of bonus criteria
In case of a favorable decision of the labelling committee following the initial audit, the "Engagement RGPD" label is issued for a period of 3 years. A simplified follow-up audit will be carried out after 18 months.
It can then be renewed after 36 months following the initial audit, by carrying out a renewal audit.
The benefits of "Engagement RGPD" label
Obtaining the "Engagement RGPD" label is a quality guarantee that constitutes a real added value and allows you to benefit from:
- A good brand image, respectful of the standard and of your customers' data
- A strong competitive advantage by reassuring your customers and partners
- A company-wide project involving all employees
Why choose Apave
Apave Certification is one of the leading certification bodies in France. As a recognised and independent organisation, Apave Certification relies on a network of qualified internal and external auditors throughout France and abroad.
Apave Certification is involved in both voluntary professional certifications and regulatory and mandatory certifications.
Apave Certification's services are based on 5 major areas
- Management systems
- Skills certification
- Product certification
Steps and processes
- Request for labelling
- Issuing of the label assessment quotation
- Preliminary review and admissibility study
- Initial audit
- Issuing of the label and communication
- Periodic monitoring
Apave Certification's strengths
Independent third party
Apave Certification is a recognized and independent certification body specialized in certification engineering.
Apave Certification works quickly, throughout France and internationally, and keeps deadlines under control.
Apave Certification relies on a large geographical network of qualified internal and external auditors, both nationally and internationally.
Apave Certification is a flexible structure with a customer-oriented approach, which is involved in both voluntary professional certifications and regulatory and mandatory certifications.
Apave Certification, a subsidiary of the Apave group, benefits from solid expertise based on extensive customer feedback over more than 150 years.
Recognitions and accreditations
Apave Certification holds numerous accreditations and recognitions, guaranteeing our quality and technical systems and proving our competence, know-how and independence.