top of page
Office Building
LOOKING FOR HELP?

Try one of our LOCS:23 experts or consultancies
WHO HAS CERTIFIED

Click here for a register of certified firms

What is certification?

Art 42 of the UK GDPR provides for the creation of official certification schemes that will be recognised by the local Supervisory Authority (in this case the Information Commissioner's Office).

​

ICO certification requirements include:

​

  1. UK GDPR - The standard must meet all UK GDPR requirements.

  2. SCOPE - The standard must have a defined scope that relates to a specific processing activity.

  3. PRACTICAL - formulated in such a way that they are clear and allow practical application.

  4. AUDITABLE - objectives must be specified along with how they can be achieved so as to demonstrate compliance.

  5. RELEVANT - to the target audience.

  6. INTEROPERABLE - with other standards such as ISO 27001.

  7. SCALABLE - for use by different sized organisations.

​

Further ICO guidance on the benefits of certification can be found here.

 

LOCS:23 has been approved by the ICO as the official certification for Legal Service Providers.

 

LOCS is an acronym for:

Legal Services Operational Privacy Certification Scheme

​

LOCS:23 Scope

The primary processing activities within the scope of this standard are:

  • Processing of Personal Data in the Client File

  • Ensuring protection of Client data when shared

 (the full scope can be seen in the LOCS:23 Standard).​

Business Conference

Specifies Certification Body

The Official Certification Mark

Cert Mark Controller.png

QR code links back to CB website to validate certification

Specifies Data Controller or

Data Processor

The Official Certification Mark can only be awarded by a UKAS accredited Certification Body and is the only Mark that signifies LOCS:23 Certification as either a Data Controller or Data Processor.
 
All Certified organisations will be automatically published in a publicly available register accessible both here and by using the QR code on a Certification Mark.
 
It is highly recommended that clients check the validity of Certification before relying on it.
 
The Certification Mark is valid for 3 years from date of issue

The LOCS logo may be used for other purposes but the official Certification Mark will always follow the format of the above example and display the following:

 
  • Name or logo of Certification Body making award
  • Name of Certified organisation
  • Certified Organisation's corporate address
  • Certification Status (Controller or Processor)
  • Date of issue
  • validation QR code (enables look up of Certification register)
​​
If an organisation claims to be certified but does not have a Certification Mark in this format you are advised to check the Certification register and if in doubt or to report any misuse contact info@locs23.com
​
Use of the Certification Mark is closely monitored. Inappropriate or fraudulent use may result in legal action.
Are you Ready for Certification?
Try our LOCS Readiness Assessment Tool
assessment.png
ARE YOU READY FOR CERTIFICATION?
Find out with our free on-line assessment tool

Who  Should Certify?

Will you support GDPR compliance in your firm?

​

Why not become a Certified LOCS Practitioner (CLP)

Original on Transparent_edited_edited_edited.png

Is your A.I. project GDPR compliant?

​

Why not become an A.I. Privacy Practitioner

AI PP.png

Prior to full certification, an organisation can use an Approved Implementor to be awarded 'LOCS:23 Ready' status.

 

Only Approved Implementors or Qualified Consultancies can award 'LOCS:23 Ready' status based on a successful review.

LOCS2 Approved.png

FREE consultation


Want to know how the certification works and the potential benefits?


Request a 30 minute Teams meeting here

bottom of page