About


The Privacy Pact is a voluntary legally binding tool and mechanism primarily intended for entities located outside of the European Union. It enables them to voluntarily and contractually commit to respect and abide to the European General Data Protection Regulation (Regulation 679/2016 – “GDPR”). The Privacy Pact has been drafted by privacy experts in the context of a EU funded project – “Privacy Flag”, overviewed by the European Commission and independent experts.

Privacy Pact enables legal entities to voluntarily, formally and contractually commit to abide to the rules and principles contained in the European General Data Protection Regulation (GDPR), regardless of their place of establishment and/or activity. Legal entities that have completed their declaration to comply with the GDPR on the Privacy Pact are legally bound by their voluntary commitment for the whole duration of its publication on the Privacy Pact website. Such commitment to respect the GDPR is required by the European regulation for any legal entity based outside of the EU territory that wants to receive or process personal data from EU-based companies and organizations.

It is to be noted that Privacy Pact does not constitute a certification of compliance in the reading of the article 42 of the GDPR, and it does not guarantee that applicants are necessarily complying with the referred legal obligations. The Privacy Pact and the entities in charge of its management decline any responsibility whatsoever regarding the effective compliance, actions, measures and practices of applicants.

Join us and show the world your commitment to be compliant with EU privacy norms by clicking on “Register” button!

For further information, visit the Terms & Conditions page.

Privacy Pact has been developed in the context of a H2020 European Research Project (Privacy Flag). This online service is made available and managed by the European Centre for Certification and Privacy (ECCP) in Luxembourg, with the support of the Istituto Italiano per la Privacy (IIP) in Rome and Archimede Solutions (AS) in Geneva.