Corporate Responsibility

Data Privacy certificate for cloud servces

  • Share
    Two clicks for more data privacy: click here to activate the button and send your recommendation. Data will be transfered as soon as the activation occurs.
  • Print
  • Read out

The first GDPR-based data privacy certificate for cloud services is here.

Data Privacy certificate for cloud servces.

The first GDPR-based data privacy certificate for cloud services is here.

In view of the systematic sanctions for data privacy incidents issued by the supervisory authorities under GDPR, such a data privacy certification for cloud services is not only important for Deutsche Telekom; it is also significant for customers. Therefore, Deutsche Telekom places great value on the official recognition of the standards by the supervisory authorities responsible for data privacy. The supervisory authorities provided advice during the development of the standard and are currently drafting an audit catalog to test such a standard.

Quick recognition

“If German cloud products are to remain competitive in the long-term, we quickly need recognition by the supervisory authorities. Documented audit criteria are important but we cannot get bogged down by detail,” says Dr. Claus-Dieter Ulmer, Global Data Privacy Officer at Deutsche Telekom.

Auditor is a data privacy certificate. This means that, once completed, an external inspection body such as DEKRA or TÜV will examine and confirm compliance with the requirements. In this respect, a data privacy certificate differs from a Code of Conduct, where the company submits a self-declaration.

Auditor also cooperates with the “GAIA-X” project from the German Federal Ministry for Economic Affairs and Energy. GAIA-X is a project to set up a high-performance, competitive, secure, and trustworthy data infrastructure in Europe. Auditor can make a valuable contribution here by confirming compliance with GDPR via a certificate.

With us from the beginning

The data privacy certificate managed under the “Auditor” project name is the successor to the Federal Data Protection Act-based – and now expiring – certificates according to the TCDP (Trusted Cloud Data Protection) standard. Both standards were developed by the German Federal Ministry for Economic Affairs and Energy in close collaboration with the data privacy supervisory authorities, the Federal Ministry of the Interior and the Federal Office for Information Security. Deutsche Telekom played an active role in development from the very start.

More Responsibility

Deutsche Telekom Data protection strategy

Corporate regulations, reports, statements and more on data protection.