Goals

The objectives of the prestation GDPR Engagement Label :

The challenge of this label is to popularize and make more accessible the implementation of a GDPR compliance approach and to turn a regulatory constraint into an opportunity for companies to stand out and enhance their activity.

Who is the GDPR Commitment Label for?

The label is aimed at all public or private structures wishing to promote and demonstrate the implementation of the GDPR within their organisation.

What are the prerequisites for obtaining the GDPR Commitment label?

To qualify for the GDPR Commitment label, the prerequisites are as follows:
  • Not having had a sanction from the CNIL or other organisation in the last 12 months
  • Not having been accused or found responsible for ethical violation, commercial practices contrary to ethics in the last 5 years
  • Having a DPO or an internal GDPR referent
  • Having formalized an internal GDPR compliance approach


  • The admissibility of one's application will depend on the satisfaction of the following alternative conditions:

  • The candidate has completed a training course to prepare for the current version of the Label presenting at least the following characteristics:
    - The Major Challenges of the GDPR
    - Presentation of the reference criteria (specifications)
    - Explanation of the labeling process (labeling guide)

  • The candidate has been brought into compliance with the aim of obtaining the label by a DPO who has completed the said training to prepare for the current version of the label.

  • Benefits of the GDPR Commitment Label

    Obtaining the GDPR Commitment label is a guarantee of quality which constitutes real added value and which allows you to benefit from:
  • A good brand image, respectful of the standard and the data of your customers
  • A strong competitive advantage by reassuring your customers and partners
  • A company project involving all employees
  • Description
    The General Data Protection Regulation (GDPR) came into force on 25 May 2018. Companies, administrations and associations that process personal data as part of their activities must manage the legal risks associated with the personal data of their stakeholders (employees, customers, users, etc.) and meet the requirements of their customers.

    The GDPR Commitment label is intended for all organisations wishing to demonstrate their commitment to data protection regulations.

    Created by two key players in the field of compliance, obtaining the GDPR Commitment label is a guarantee that the GDPR will be a strong commercial argument for your organisation.

    On the initiative of Michel Rousseau, founder and director of the Agence RGPD franchise, the label is now supported by two complementary players:

    - The Agence RGPD guides you in achieving and maintaining compliance and prepares you for labelling
    - Apave Certification audits your entity to obtain the Label on the basis of three ‘levels’

    Characteristics

    The GDPR Commitment label is based on more than 100 evaluation criteria and evaluates 3 types of processing:
    HR processing, website-related processing and processing related to the business of the evaluated entity.

    Stages and process

    - Formulation of the labelling request
    - Issuance of the label evaluation estimate
    - Preliminary review and admissibility study
    - Initial audit
    - Issue of the label and communication
    - Periodic monitoring

    Performance levels

    The GDPR Commitment label can be obtained at 3 performance levels:
    - Bronze: upon meeting 100% of the mandatory criteria, 25% of the recommended criteria and 0% of the bonus criteria
    - Silver: upon meeting 100% of the mandatory criteria, 50% of the recommended criteria and 25% of the bonus criteria
    - Gold: upon meeting 100% of the mandatory criteria, 75% of the recommended criteria and 50% of the bonus criteria
    Periodicity
    In the event of a favourable decision by the labelling committee following the initial audit, the GDPR Commitment label is issued for a period of 3 years. A simplified follow-up audit is to be carried out after 18 months.
    It may then be renewed after 36 months following the initial audit, by carrying out a renewal audit.
    Prestation
    GDPR Engagement Label
    Ref : TLAB0180

    Related products

    News