Compliance – Accreditations

In this section you will find all of the Signaturit Group’s accreditations, grouped by Trusted Service Provider. For each Provider, they cover the trust services it provides that are qualified in accordance with the eIDAS Regulation, the national security standards applicable to it, its ISO standards, and its other trust seals and memberships in European and international projects.

COMPLIANCE WITH THE EIDAS REGULATION

The eIDAS Regulation aims to increase confidence in electronic transactions within the internal market. It establishes a common basis for secure electronic interactions between citizens, businesses and public authorities.

The eIDAS Regulation applies to electronic identification, trust services and electronic documents. It aims to establish an interoperability framework for the different systems in place in the Member States, in order to promote the development of a digital trust market.

The eIDAS Regulation focuses mainly on electronic identification and trust services, giving legal recognition and a presumption of validity to electronic documents that use these trust services.

SECURITY AND QUALITY COMPLIANCE

Our services are also recognised and accredited to meet a number of other security and quality assurance criteria, including ISO 27001, 9001, 20000 and 22301 certificates, the ANSSI Security Visa in France and the Esquema Nacional de Seguridad of the CCN in Spain. These accreditations confirm that our services meet the most stringent security and quality requirements and demonstrate the effectiveness of our products.

GDPR COMPLIANCE

The General Data Protection Regulation (GDPR) sets out seven key principles on how data controllers and processors should handle personal data: lawfulness, fairness and transparency; purpose limitation; data minimisation; accuracy; storage limitation; integrity and confidentiality (security).

The Signaturit Group’s Trusted Service Providers comply with these requirements and are subject to regular audits. A GDPR compliance audit is a systematic and independent assessment of an organisation’s compliance with the GDPR. Its purpose is to help organisations ensure that they are meeting their obligations under the GDPR and to identify areas where they may need to make improvements. The audit report is a comprehensive document that describes an organisation’s adherence to GDPR standards, detailing the assessment process, compliance status and areas for improvement.

Gartner has developed a practical tool that uses natural language to facilitate self-assessment for GDPR compliance audits. Each requirement is accompanied by references to the regulations to speed up understanding and compliance. The Information Commissioner’s Office (ICO) also offers audits to check whether organisations are complying with data protection legislation as it applies to them. You can consult our Privacy Policy in the “Terms & Conditions” section.