List of approved certification mechanisms

National certification mechanisms approved by the CNIL

• Certification of the skills and knowledge of the data protection officer (DPO)
  This certification is intended for individuals who wish to demonstrate that they meet the skills and requirements of the DPO under the GDPR.
  
  This is a voluntary approach: certification is not required to perform the duties of DPO. Nor is it a necessary prerequisite for the appointment of a DPO with the CNIL.
   
• Certification of training providers in data protection
  This certification is intended for organizations who wishes to obtain recognition of the quality of the training they provide in the field of data protection.
  
  This is a voluntary approach: it is not mandatory to offer training on the protection of personal data. Nor does it replace certification according to the French national quality standard (RNQ) for providers of actions contributing to the development of skills subject to this obligation. Finally, higher education institutions benefit from other recognition systems (see for example the Training Census published by SupDPO).

European certification mechanisms approved by the EDPB

• Europrivacy certification
  This certification is intended for controllers and processors established in the European Union (EU) or the European Economic Area (EEA).
  
  This is a voluntary approach: certification is not required but can be obtained by organisations that wishes to communicate on the level of data protection offered by their products, services, processes or data systems.