Cross-Border Privacy Rules Certification
The Cross Border Privacy Rules (CBPR) is an internationally recognized data privacy certification system available to U.S. organizations and their global subsidiaries. As an approved Accountability Agent, BBB National Programs works one-on-one with your business to demonstrate compliance with established data privacy standards.
Both certifications (CBPR for data controllers and PRP for data processors or vendors) are backed by BBB National Programs’ commitment to delivering independent accountability for your privacy promises.
Program Impact
Consistent Protections
Helping participants implement strong baseline protections in support of a global approach to privacy program management.Consumer Empowerment
Certified companies provide consumers with the opportunity to access and correct their personal data, no matter where they live.Complaint Resolution
Privacy commitments are backed by transparent dispute resolution procedures endorsed by the Global CBPR member economies, trusted by consumers and businesses.Trusted Privacy Seals
BBB National Programs offers different certifications depending on the role your business plays with respect to the personal data covered under the certification.
CBPR is for Businesses that collect personal data.
PRP & VPP are for Vendors that process personal data.
- Certifications serve as a reliable beacon, demonstrating that your business handles personal information in a manner that meets or exceeds recognized privacy safeguards.
- Self-verifying seals appears on the privacy policies of every certified business, linking to a web page that explains the scope of the business’s privacy commitments and allows consumers to submit data privacy complaints.
- Certified business receives a customized and confidential Findings Report, showing how its policies and procedures meet each Program Requirement.
"CBPR and PRP are important certifications that enable businesses of all sizes to demonstrate their commitment to safe and accountable personal data handling no matter where in the world the processing is taking place."
-Harvey Jang, Vice President and Chief Privacy Officer for Cisco Systems, Inc.
Requirements & Procedures
How to Apply for Certifications
CBPR Program
STEP 1: Confirm your company is eligible
-
Seeking certification for personal data you collect and process for your own purposes (as a data controller)
-
Headquartered in the U.S.
-
Subject to the jurisdiction of the Federal Trade Commission
STEP 2: Submit the application form to BBB National Programs.
STEP 3: Review and refine relevant data privacy policies and practices with a BBB National Programs certification specialist to confirm that they meet CBPR Program Requirements
STEP 4: Receive your company’s customized findings report along with access to the BBB National Programs CBPR certification seal
PRP Program
STEP 1: Confirm your company is eligible
-
Seeking certification for personal data you process on behalf of others (as a data processor or vendor)
-
Headquartered in the U.S.
-
Subject to the jurisdiction of the Federal Trade Commission
STEP 2: Submit the application form to BBB National Programs.
STEP 3: Review and refine relevant data privacy policies and practices with a BBB National Programs certification specialist to confirm that they meet PRP Program Requirements
STEP 4: Receive your company’s customized findings report along with access to the BBB National Programs PRP certification seal
If your organization is headquartered outside of the United States, you may apply for our Vender Privacy Program certification here.
Request a Consultation