Article 43: Certification bodies

Article 43.01

1 Without prejudice to the tasks and powers of the competent supervisory authority under  Articles 57  and  58 , certification bodies which have an appropriate level of expertise in relation to data protection shall, after informing the supervisory au...

Article 43.02

Certification bodies referred to in paragraph 1 shall be accredited in accordance with that paragraph only where they have: (a) Demonstrated their independence and expertise in relation to the subject-matter of the certification to the satisfaction...

Article 43.03

1 The accreditation of certification bodies as referred to in paragraphs 1 and 2 of this Article shall take place on the basis of requirements approved by the supervisory authority which is competent pursuant to  Article 55  or  56  or by the Board pur...

Article 43.04

1 The certification bodies referred to in paragraph 1 shall be responsible for the proper assessment leading to the certification or the withdrawal of such certification without prejudice to the responsibility of the controller or processor for compliance...

Article 43.05

The certification bodies referred to in paragraph 1 shall provide the competent supervisory authorities with the reasons for granting or withdrawing the requested certification.

Article 43.06

1 The requirements referred to in paragraph 3 of this Article and the criteria referred to in  Article 42 (5) shall be made public by the supervisory authority in an easily accessible form. 2 The supervisory authorities shall also transmit those requirements a...

Article 43.07

Without prejudice to Chapter VIII , the competent supervisory authority or the national accreditation body shall revoke an accreditation of a certification body pursuant to paragraph 1 of this Article where the conditions for the accreditation are not,...

Article 43.08

The Commission shall be empowered to adopt delegated acts in accordance with  Article 92  for the purpose of specifying the requirements to be taken into account for the data protection certification mechanisms referred to in  Article 42 (1).

Article 43.09

1 The Commission may adopt implementing acts laying down technical standards for certification mechanisms and data protection seals and marks, and mechanisms to promote and recognise those certification mechanisms, seals and marks. 2 Those implementing ...