Bufete Mas y Calvet law firm has been selected and qualified as EuroprivacyTM/® official partner by the European Centre for Certification and Privacy. We support and prepare our clients for certifying the conformity of their data processing activities with Europrivacy and the European General Data Protection Regulation (GDPR), to:

Identify and reduce legal and financial risks

through the Europrivacy audit and gap analysis

Improve reputation and access to the market

through the Europrivacy GDPR certification

Build trust and confidence

through continuous updates and monitoring

Europrivacy – A GDPR by Design Certification

The GDPR contains over 70 references to certification to demonstrate the conformity of processing activities with the European regulation, including for selecting data processors with adequate level of data protection and for authorizing cross-border data transfers.


Non-conformity with the GDPR carries important legal and financial risks, which are hidden costs until a company is fined up to 20 million or 4% of its worldwide turnover (art.83.5 GDPR).


A GDPR certification reduces legal and financial risks and can save substantial costs. Europrivacy certificates demonstrate a company engagement in protecting personal data and to be a trustable service provider for its customers, as well as a reliable data processor for its business partners.


Companies with certified data processing position themselves as front-runners in data protection with a strong competitive advantage on the market. As a company is also liable for the choice of its data processors, it can require from them to certify their services in order to protect itself and to reduce its legal and financial risks at no cost.

12 Good Reasons to Choose Europrivacy

European and GDPR by design
funded by the European Commission.

ISO compliant
and easily combinable with ISO/IEC 27001.

Continuously updated to align with
the evolution of regulations and jurisprudences.

Comprehensive and applicable to almost any data processing activities.

Extensible to complementary national
and domain specific obligations.

Independent and managed by an international board of experts.

Applicable to emerging technologies.

Online resources, tools, and support.

Highly reliable
with systematic assessments.

Global ecosystem of qualified partners
and experts.

Time and cost efficient
thanks to its innovative methodology.

Research and Innovation empowered.

Your Smart Journey to GDPR Certification

Bufete Mas y Calvet law firm will drive you and offer you services aimed at obtaining the Europrivacy certification of your data processing activities. We offer you to:


  1. Select two priority data processing activities to be certified;
  2. Prepare the two selected data processing for certification by documenting their conformity;
  3. Support remediation in case of residual non-conformities;
  4. Bring the selected processing activities to certification by an independent Certification Body and support the process;
  5. Elaborate a certification plan for the remaining data processing to be certified;
  6. Give you access to continuous updates on European and national requirements related to personal data protection in order to maintain and enhance your conformity.
Equipo Europrivacy

What specific services does Bufete Mas y Calvet Law Firm offer?

  • Adaptation and updating in data protection and guarantee of digital rights in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR) and the applicable national regulations on Personal Data Protection.
  • Legal advice for the correct definition and inventory of the entity's data, files and processing.
  • Drawing up of the Register of processing activities, which is obligatory in accordance with Article 30 of the GDPR.
  • Drafting of the Data Protection Document in accordance with the GDPR, in compliance with the principle of proactive responsibility (Art. 5.2 of the GDPR).
  • Drafting and reviewing data processor contracts to regulate access to data by third parties, pursuant to Article 28 of the GPRS.
  • Drafting and reviewing legal texts (Legal Notice, Privacy and Cookies Policies, etc.) in accordance with the GDPR and other regulations in force (Law on Information Society Services and Electronic Commerce, General Law on Advertising, General Law on Consumers and Users, etc.).
  • Preparation, collaboration and carrying out of Privacy Impact Assessments.
  • Exercise of the functions and responsibilities of the Data Protection Delegate and, where appropriate, assistance in attending to them, either internally or externally, by means of a high level of legal and technological qualification.
  • Administrative, extrajudicial and judicial defence in the event of the exercise of rights by data subjects or companies.

Contact Us for an offer.

A Reliable Certification Process

The Europrivacy certification scheme has been developed through the European research programme financed by the European Commission. It is designed to address the specific obligations of the GDPR and to serve as official certification scheme under article 42 of the GDPR. It has been developed by experts in data protection in consultation with national supervisory authorities. The certification scheme is managed and continuously updated by the European Centre for Certification and Privacy (ECCP) in Luxembourg and its International Board of Experts in data protection.


Europrivacy is applicable to all sorts of data processing, including emerging technologies, it enables to document, assess, and certify their conformity with the GDPR and complementary national data protection regulations. It enables you to select priority data processing activities and progressively certify them once they are ready.


Europrivacy is closely aligned with ISO standards and complements management system certifications, such as ISO/IEC 27001 or 27701. While the latter enables the certification of the quality of an information management system, Europrivacy has been designed to certify compliance of data processing activities with the GDPR and complementary national data protection regulations, in accordance with the guidance of the European Data Protection Board (EDPB). It is the first scheme that has been submitted by a European national data protection authority to the EDPB as part of the endorsement process by the EU as a European certification scheme under the Art. 42 of the GDPR.


Europrivacy is delivered by qualified Certification Bodies gathering adequate legal and technical expertise. The certification is aligned with the applicable ISO/IEC 17065 and 17021-1 principles. It combines various methodologies, such as documentation review, sampling analysis, technical tests, inspections, and interviews. Delivered certificates can be verified and authenticated on the public Europrivacy Registry, enhanced with Blockchain technology to maximize authentication, reliability and transparency of certificates.

El Bufete Mas y Calvet es socio oficial de Europrivacy
El Bufete Mas y Calvet es socio oficial de Europrivacy

More About Europrivacy: www.europrivacy.com

Europrivacy is an international trademark registered in several jurisdictions.