GDPR Data Protection

At Bureau Veritas, we offer comprehensive GDPR certification services to help organisations ensure that they comply with the GDPR and protect the personal data they collect and process.

In the era of big data, privacy is not just an issue of security but also of trust. To inspire trust in your data management, it is essential not only to implement appropriate management procedures, but also to achieve certification.

The EU General Data Protection Regulation (in force as of May 25, 2018) tightens controls on companies dealing with EU citizens’ personal data wherever they are located and imposes hefty fines for non-compliance.

As you increase the range of activities and operations that are digitised, you need to demonstrate to your clients, staff and other stakeholders that you respect their right to privacy and take data security seriously.


In response to this, we have developed a technical standard and a voluntary certification programme for businesses, which is based on best practice and the content of the regulation.

Certification of your data protection procedures is a tool that enables your organisation to achieve and proactively demonstrate compliance with regulations and, in the case of GDPR, can protect you from potential fines of up to 20 million euros. Moreover, should breaches occur, certification demonstrates due diligence and can help to mitigate potential penalties.


    For “data controllers” and “data processors”:

    • Ensure compliance with increasingly stringent regulations
    • Demonstrate corporate digital responsibility and achieve certification
    • Improve brand reputation and ethics
    • Limit the risk of potentially costly security breaches
    • Safeguard the privacy of customers and other stakeholders
    • Protect valuable data assets that are crucial to your business.
    • Support from a global leader in testing, inspection and certification
    • Dedicated team of certification specialists with experience of data protection regulations and processes

    Get a free quote for GDPR Data Protection services


    Please select country prefix
    Enquiring about
    I have read and understood the terms and conditions of {Personal data protection policy}.
    Your personal data is collected by Bureau Veritas UK, having its registered office at Suite 206, Fort Dunlop, Fort Parkway, Birmingham B24 9FD, and is subject to computer processing in order to respond to questions from the media about the Group or its subsidiaries on the basis of your consent, and to respond to customer complaints, on the basis of the service contract that you have entered into with a subsidiary of Bureau Veritas.

    Your personal data is intended for the Corporate Communication department or the Quality, Health & Safety and Environment department of the Bureau Veritas Group, depending on the nature of your request, and for their service providers, providing consulting and technical services as well as for the Bureau Veritas IT department. Your personal data will be retained for a period of one year for media requests and three years for customer complaints from your request. Your personal data can be transferred outside the European Union, in countries where Bureau Veritas subsidiaries operate, on the basis of standard contractual clauses established by the European Commission, available on request, by submitting a query here.

    Fields marked with an asterisk must be filled in. Otherwise, Bureau Veritas would not be able to answer your questions and/or complaints. In accordance with the Data Protection Act 2018 and the General Data Protection Regulation of 27 April 2016, you have the right to access, rectify and erase any personal data concerning you, as well as the right to limit the processing, the right to oppose to the processing or the right to portability of your personal data. You have the right to withdraw your consent at any time by submitting a query here and unchecking the box dedicated to the collection of your consent. You can exercise your rights online to lodge a complaint to the Information Commissioner’s Office.