Test criteria

An audit of one or more processors is based on the criteria of the Federal and State Data Protection Conference (DSK) for certification under Article 42 and on the assurance objectives of the DSK’s standard data protection model.

Audited are:

  • the offer of the processor
  • the contract for commissioned processing, if any, including the documentation of the technical-organizational data protection measures of the processor
  • any other legally binding agreements that may exist
  • any joint responsibility of the Processor and the Responsible Party, if any

compliance with the performance targets

  • Data minimization
  • Confidentiality
  • availability
  • Integrity
  • Transparency
  • Non-interlinking
  • Intervenability

The Processor is obligated to provide the Controller with all information and documents relevant to the decision, if applicable a certification according to Art. 42 GDPR or binding rules according to Art. 40 GDPR.

The integration of the social media buttons is done via the Shariff solution of Ct. Your data will only be transferred to third parties when you actively click on one of the buttons. Thank you for sharing and spreading the word.