---

The Office for the Protection of Personal Data for the Slovak Republic (‘ÚOOÚ’) published, on 21 November 2022, a statement on the incorrect or inaccurate interpretation or application of the requirements of certification mechanisms pursuant to Article 42 of the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’). In particular, the ÚOOÚ indicated that certain entities had made claims about certification in accordance with Article 42 of the GDPR, which the ÚOOÚ found were not based on truth and thus have the potential to mislead addressees in relation to certification under the GDPR. Furthermore, the ÚOOÚ highlighted that EU Member States must ensure that certified entities are properly accredited, by undergoing proper accreditation processes, according to Article 43 of the GDPR.

Moreover, the ÚOOÚ emphasised that the accreditation system for certified entities in the field of personal data protection has not yet been launched in Slovakia.

You can read the press release, only available in Slovak, here.