What is the General Data Protection Regulation?

 The General Data Protection Regulation (GDPR) was passed on 27 April 2016 and became mandatory for all Member States of the European Union on 25 May 2018, creating a single legal framework without the need for national legislation and by abolishing existing legislation. The new regulation significantly increases the organizations’ obligations, while the significance of the fines sets it as a priority for the top management agenda.


Which organizations apply?

All private and public corporations, as well as government authorities that in any way manage personal data of customers, clients of their customers, employees, associates or other individuals must comply with the GDPR. The GDPR involves practically all businesses within and outside the European Union, as long as the data concern European citizens.

What are the obligations for the organizations?

  • to observe the basic principles of personal data protection, i.e. to collect them for a specific legitimate purpose and only those that are necessary, not to process them in a manner incompatible with the purpose, to update them, to store them for a minimum period required, to receive, where appropriate, the free and explicit consent of natural persons
  • transfer them to non-EU countries only under certain conditions
  • give access to personal data to their partners only under certain circumstances and if they prove their compliance with the GDPR
  • develop electronic tools for timely and free response to requests for:
    • withdrawal of consent
    • access to data
    • Correcting data or deleting data
    • limitation of processing
    • delivery of data in electronic form
    • Transferring data to another carrier
  • make their rights available to natural persons in an appropriate and timely manner
  • ensure the security of personal data throughout their life cycle
  • keep records and notify any violation of the data within 72 hours to the Data Protection Authority and to natural persons with direct information or public notice
  • Prove that they comply with all requirements of the Regulation.


Why choose LiberoAssurance

Quality Management System certification from LiberoAssurance will help your organization develop and improve performance. With a team of highly competent auditors we aim to deliver direct, convenient and reliable service to our customers, tailored to their needs and implement a framework by applying a systematic approach to manage their business processes, with respect to customer’s demands and regulatory requirements. The services that LiberoAssurance offers involve:

  • Competitive fee with no hidden charge or unexpected invoices
  • Qualified personnel dedicated to your specific business sector, which can provide effective added value.
  • We can also act as a one-stop provider for many of your certification needs by offering bundled product testing and certification services.

Contact us for our full certification process or a preliminary gap assessment for your current System as per GDPR (General Data Protection Regulation).


 LiberoAssurance certification mark

The GDPR certification mark from LiberoAssurance demonstrates your compliance towards continuous excellence. The prestige of the LiberoAssurance certification mark also indicates that your systems and processes have been evaluated by one of the most recognized names in quality and compliance.


esyd eoppep 15 12073 IAS Mark Mgmt Sys Cert Bdy