Article 43 Certification Bodies 1. Without prejudice to the tasks and powers of the competent

supervisory authority under Articles 57 and 58, certification bodies which have an appropriate

level of expertise in relation to data protection shall, after informing the supervisory

authority in order to allow it to exercise its powers pursuant to point, H of Article 582

where necessary, issue and renew certification. Member states shall ensure that those certification

bodies are accredited by one or both of the following. A. The supervisory authority which is competent

pursuant to Article 55 or 56. B, the national accreditation body named in accordance with

regulation, EC, Member 765-208's the European Parliament and of the Council, 20, in accordance with NISO-S-I-EC-17,065, 2012, and with the

additional requirements established by the supervisory authority which is competent pursuant to

Article 55 or 56. 2. Certification bodies referred to in paragraph 1 shall be accredited in accordance with that

paragraph only where they have. A, demonstrated their independence and expertise in relation to the

subject matter of the certification to the satisfaction of the competent supervisory authority.

B, undertaken to respect the criteria referred to an Article 42-5 and approved by

the supervisory authority which is competent pursuant to Article 55 or 56 or by the board

pursuant to Article 63. C. Established procedures for the issuing, periodic review and

withdrawal of data protection certification, seals and marks.

D. Established procedures and structures to handle complaints about infringements of the

certification over the manner in which the certification has been or is being, implemented by

the controller or processor, and to make those procedures and structures transparent to

data subjects and the public and

be demonstrated to the satisfaction of the competent supervisory authority that their tasks

and duties do not result in a conflict of interests three the accreditation of certification

...