HACA PARTNERS has been accredited since February 2023 by the CNPD to issue GDPR CARPA Certification allowing companies to demonstrate the compliance of their processing operations with the certification criteria based on the General Data Protection Regulation (GDPR).
HACA PARTNERS is the second firm to receive the accreditation in Europe.
On top of the GDPR-CARPA certification, HACA Partners can also provide services to guide and assist you in the GDPR compliance process and/or to prepare you to be ready for GDPR-CARPA certification process (mock certification).
HACA PARTNERS can certify specific Data Protection processes for Data Controllers and Data Processors based on the GDPR CARPA Certification Scheme under Article 42 GDPR.
The GDPR-CARPA (Certified Assurance Report-Based Processing Activities Certification Criteria) certification mechanism is based on an ISAE 3000 Type 2 report that allows for the issuing of an opinion on the correct implementation of the certification criteria. This guarantees a high level of confidence, a key factor to build trust in the processing of personal data covered by the certification scheme.
The validity period of a certificate is 3 years, subject to a successful annual audit.
The certification may be renewed, under the same conditions, provided that the relevant criteria continue to be met. Certification shall be withdrawn, as applicable, by HACA PARTNERS or by the competent supervisory authority if the criteria for the certification are no longer met.
The GDPR-CARPA certification critera are organized into 3 sections:
Set of criteria applying to both data controllers and processors
Contains general governance criteria
Set of criteria applying to data controllers
Covers data protection principles, data subjects' rights and governance criteria related to the security of processing activities
Set of criteria applying to data processors
Contains mainly criteria for contractual obligations (with the controller), governance of data security, subcontracting
More information about the GDPR certification scheme can be found on the CNPD website.
To learn more, please consult our GDPR Certification Procedure below.
HACA PARTNERS has designed a complaint procedure to ensure that complaints are properly investigated and are given careful and fair consideration.
The complaints that we receive help us to better understand how we are doing and to improve. We are committed to listening to our clients, acknowledging concerns and putting things right where appropriate. We want to learn from our mistakes and improve our service.
We will treat your complaint confidentially, quickly and seriously.
If you wish to submit a complaint, please consult our Complaint Procedure.
Should you feel that HACA PARTNERS has not addressed your concern in a satisfactory manner, you may contact the Commission Nationale pour la Protection des Données (CNPD).
15, Boulevard du Jazz
Tél. : (+352) 26 10 60 -1