Privacy Pact is an Online tool enabling companies to contractually commit to respect the GDPR, the European General Data Protection Regulation (Regulation 679/2016). It is a legally binding mechanism enabling companies located outside of the European Union to voluntarily and contractually commit to respect and abide to the GDPR rules and principles. By signing the Privacy Pact, companies demonstrate their willingness to respect the European rules for personal data protection, which is a legal condition to deliver services to the European market and to collect and process personal data from the European Union territory.
Privacy Pact facilitates access to the European market for non-European companies and strengthens their positioning. It provides your company with a respected and trustworthy seal that shows your commitment to comply with the European privacy and data protection law, with the potential of building trust in developing business activities in one of the largest market in the world, the European Union. According to GDPR Article 44, any transfers of personal data outside of the EU territory are conditioned to the respect of GDPR core principles. Article 28 requires that data controller “shall use only processors providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of this Regulation and ensure the protection of the rights of the data subject.”
Privacy Pact has been developed by the European research project Privacy Flag funded by the European Commission and is run as an open service overviewed by legal experts. It is administratively managed by the European Center for Certification and Privacy (ECCP) based in Luxembourg with the active support of the Istituto Italiano per la Privacy (IIP) and Archimede Solutions (AS).Privacy Pact is not a certification, but it constitutes a first step to prepare a company for GDPR certification such as EuroPrivacy.
The Privacy Pact service is provided against a minor registration fee intended to support and further develop this service. The price is for a duration of 1 year (365 days) and can be renewed manually or automatically:
The Privacy Pact is a voluntary legally binding tool and mechanism for entities located outside of the European Union. It enables them to voluntarily and contractually commit to respect and abide to the European General Data Protection Regulation (Regulation 679/2016 – “GDPR”). The Privacy Pact has been drafted by privacy experts in the context of a EU funded project – “Privacy Flag”, overviewed by the European Commission and independent experts.
Privacy Pact enables legal entities to voluntarily, formally and contractually commit to abide to the rules and principles contained in the European General Data Protection Regulation (GDPR), regardless of their place of establishment and/or activity. Legal entities that have completed their declaration to comply with the GDPR on the Privacy Pact are legally bound by their voluntary commitment for the whole duration of its publication on the Privacy Pact website. Such commitment is required by the European regulation for any legal entity based outside of the EU territory that want to receive or process personal data from EU-based companies and organizations.
It is to be noted that Privacy Pact does not constitute a certification of compliance in the reading of article 42 of the GDPR, and it does not guarantee that applicants are necessarily complying with the referred legal obligations. The Privacy Pact and the entities in charge of its management decline any responsibility whatsoever regarding the effective compliance, actions, measures and practices of applicants.
Join us and start to be compliant with EU privacy norms by clicking on “Register” button!
For further information, visit the Terms & Conditions page.