¹A certification pursuant to this Article shall be issued by the certification bodies referred to in Article 43 or by the competent supervisory authority, on the basis of criteria approved by that competent supervisory authority pursuant to Article 58(3) or by the Board pursuant to Article 63. ²Where the criteria are approved by the Board, this may result in a common certification, the European Data Protection Seal.