APEC CBPR and PRP Certification
TRUSTe is an Accountability Agent approved to certify data transfer practices under the APEC Cross-Border Privacy Rules (CBPR) framework for data controllers, and the APEC Privacy Recognition for Processors (PRP) framework for data processors.
TRUSTe Certifications are conducted in three phases:
Privacy Assessments provide the information required to understand and remediate compliance risks. An experienced member of our Global Privacy Solutions team guides you through the process, utilizing our proven methodology and powerful technology.
The first step is to define the assessment scope by business units, product/service lines, and digital properties (websites, apps, cloud platforms). The Global Privacy Solutions team works with your team to efficiently guide discovery of necessary information, including relevant data flows and evaluation of your privacy policies and practices against relevant standards.
A findings report is delivered which includes a gap analysis, risk summary and remediation recommendations. The report outlines actionable steps required to achieve compliance.
Based on the information gleaned from the assessment, the Global Privacy Solutions team guides you through the remediation process, helping to ensure required changes are completed.
Remediation / Validation
Assistance with any necessary remediation steps, including providing relevant templates and process change advice. We then validate that your privacy statements accurately reflect your updated privacy practices and are consistent with applicable standards.
Letter of Attestation
As proof of TRUSTe Certification, an official Letter of Attestation can be shared with your business partners, providing your organization with competitive differentiation.
TRUSTe APEC Seal
After completing the required changes, we authorize your use of the TRUSTe APEC certification seal.
Ongoing Monitoring and Guidance Phase
Searchable Audit Trail
All assessment work and supporting documentation is available in a searchable, central repository – providing a way to respond to inquiries and demonstrate compliance for internal / external audits.
Ongoing Monitoring and Guidance
Ongoing compliance monitoring is provided throughout the term of the agreement. Access is provided to privacy experts for ongoing policy guidance along with educational webinars, events, whitepapers, client advisories, privacy tips and research.”
Access to third-party dispute resolution service, which helps efficiently manage privacy inquiries from customers and addresses dispute handling compliance requirements.
TRUSTe Privacy Feedback Button