Register of (Co-)Regulatory GDPR Frameworks

The register is comprises of 

• a general GDPR Codes of Conduct and Certifications List-View, and
• a GDPR Codes of Conduct and Certifications Detail-Views for each item, e.g., the Detail-View of Code of Conduct of the German National Chamber of Notaries.

The GDPR Codes of Conduct and Certifications List-View comprises of a list of individual elements and a filter section. 

Filters are displayed either on the right (large screens) or at the bottom (small screens). 

The GDPR Codes of Conduct and Certifications Detail-View comprises two several main clusters. 

• structured, pre-defined information and fields
• free text and content section, to add relevant individualised information, as needed.

Structured, pre-defined information and fields will always be displayed, as applicable. 

The free text and content section will only be displayed, if a detailed analyses of the framework was conducted or if the framework owners have provided such information. 

Generally, the pre-determined structure comprises of the following elements:

• title and teaser
• brand-image and general, framework related information
• authority related information
• approval/accreditation status related information
• supervision related information
• supervision body/bodies related information
• public register related information
• free text and content section
• related files and links

Framework Owners Name

Comma separated list of Framework Owners names. 

As the case may be, especially, where the list is too long, the list may use abbreviations. 

Framework's Project Website

URL of dedicated website presenting the Framework, as applicable.

URL to Contact Form of  Framework Owners

A URL as precise as possible pointing to the Framework Owners Contact Form. In case of multiple Framework Owners, this may be either empty or pointing to the probably most relevant contact form / contact form of the Framework itself, as applicable. 

Email of Owners of Framework

Framework Owners contact email. In case of multiple Framework Owners, this may be either empty, a link with a pre-filled comma-separated list of email addresses, the email address Framework itself, as applicable.  

Framework Approval Date

Approval date of the Framework. If the Framework was updated, this refers to the latest approval. 

Framework Approval Decision 

Reference Number of Latest Decision that approved the Framework. If no official Reference Number exists, this maybe replaced with a Press Release date or equivalent, or remain empty.

Framework Approval Decision URL

URL as precise as possible linking to the approval decision (or closest equivalent).

Framework Last Version Date / Framework Last Version Number

Each field allows the unique reference to the relevant version of the Framework. 

Most Frameworks follow a stringent and transparent versioning either by applying 

• version numbers, or
• the latest date of modification. 

In some cases, neither of the both options are applied consistently. In this case, the closest information available will be listed. 

Framework Initiation Date 

Date when Framework started its development. This may be different from a Framework's approval date, because, prior to their approval, Frameworks may have publicly announced work on such framework and call for participation.

• assessed conformity with predecessors of a GDPR framework, e.g., as the Framework already existed under the realms of the Data Protection Directive
• assessed conformity on a preliminary basis before the approval to gain valuable experience on the practicability of the developed Framework 

This field may often remain empty due to a lack of distinct information.

Framework Initial Operations Date 

Date when Framework started its operations. This may be different from a Framework's approval date, because, prior to their approval, Frameworks may have

• assessed conformity with predecessors of a GDPR framework, e.g., as the Framework already existed under the realms of the Data Protection Directive
• assessed conformity on a preliminary basis before the approval to gain valuable experience on the practicability of the developed Framework 

The Initial Operations Date may also be significantly later than the approval date, e.g., if related Supervision Bodies were not accredited at time of approval. 

This field may often remain empty due to a lack of distinct information.

Framework Main Language 

This field indicates the language version(s) in which the Framework was officially approved. 

Framework Additional Language

This field indicates any available languages additionally, to the official language. Those translations may not be legally binding. 

Framework's Territorial Scope

Indicator regarding the territory where Framework applies; 

• regional,
• national,
• transnational,
• international,
• transnational (limited) or
• international (limited)

Framework Territorial Scope - Applicable Countries

List of Countries where Framework applies;  if Framework's Territorial Scope is national, transnational (limited) or international (limited).

Framework Eligibility Scope

Indicator, whether Framework is limited to Private of Public Bodies.

Competent Authority

Name of Authority competent for deciding upon Framework

Framework Authority Website

URL of the website of the Competent Authority.

Official Register of Frameworks approved by Competent Authority

URL pointing to the official register of the Competent Authority where approved Frameworks of the same kind (Codes of Conduct or Certifications) will be listed. 

Framework has Supervision 

Checkbox whether Framework includes a method for supervision; for officially approved GDPR Frameworks this is mandatory. Future versions may distinguish between the methods of Supervision, be it a simple complaints procedure or pro-active (annual) assessments. 

Framework Supervision is Mandatory 

Checkbox whether Framework's supervision is mandatory. 

Framework Supervision Relation 

Indicator of pre-determined values, indicating the relation of the Supervision Body to the Frameworks Owners / adherent companies/services. 

Currently implemented options:

• Internal
• External

Options probably available in future as part of this field or as distinct field

• 1st Party
• 2nd Party
• 3rd Party

Framework has Public Register 

Checkbox, whether the Framework provides a Public Register of currently adherent / conformant companies / services. 

Framework has merged Public Register

Checkbox, whether the Framework provides a merged Public Register. This may be relevant in cases, where there is more than one Supervision Body. 

Some Frameworks provide Public Registers per Supervision Body, some Frameworks provide (additionally) a combined (merged) Public Register.

Public Register 1 to 5

URL to existing Public Register(s), at maximum five registers will be maintained. 

Supervision Body Name (1 to 5)

Name of the officially accredited Supervision Body, at maximum five Supervision Bodies can be directly reflected. 

If there is more than five bodies, or the accredited bodies can be very dynamic, a URL to website listing such bodies might be provided. 

Supervision Body Website (1 to 5)

URL to the Website of the officially accredited Supervision Body.

Supervision Body Accreditation Decision (1 to 5)

Reference Number of Latest Decision Accrediting Supervision Body.

Supervision Body Accreditation Decision URL (1 to 5)

URL pointing to the Latest Decision Accrediting the Supervision Body.

The free text and content section shall provide further details about the Framework. 

Such may include

• short description (incl. short image videos)
• benefits
• description of the affected sectors
• history
• details about the Framework's governance

Related files and Links will provide links to files and additional information. 

• Related Files are, as available, access to the Framework's latest documents, etc.
• Additional information might be external links, providing background information, direct link to relevant sources, etc.