Process & System certification / Voluntary assessment
Basis for Certification (certification standard):
Proprietary TÜV SÜD standard including industry-specific criteria catalogues for B2C online retailers
- B2B online retailers
- Online travel agents
- Online insurances
TÜV SÜD Sec-IT GmbH
What does the standard TÜV SÜD [email protected] cover?
The standard TÜV SÜD [email protected] defines requirements for safe and transparent online shopping or other online contacts taking into account industry-specific requirements. These requirements include, but are not limited to:
- Complete and consistent information on payment options, shipping costs, goods/services offered, cancellation policy, contact details, data protection, etc.
- Correct and transparent function of shopping cart, ordering process and user/customer account, if applicable
- Use of encryption methods in line with the accepted rules of technology
- Reliable handling (and if necessary cancellation) of orders as promised by the online supplier
- Provision of appropriate customer service
- Systematic approach to the creation and continuous improvement of the contents and functions of the online shop
- Technical and organisational measures aimed at data security and data protection
What does “certification” and/or the issue of a certification mark for TÜV SÜD [email protected] by TÜV SÜD Sec-IT GmbH mean?
- The customer has submitted to voluntary assessment (audit) according to defined criteria (certification standard).
- A certificate and/or the authorisation to use a certification mark are only issued if the assessment (audit) does not reveal any major nonconformities with the requirements of the certification standard.
- The certificates and/or certification marks are valid for a restricted period of time. Interested parties can check the validity of individual certificates at www.safer-shopping.de.
- To maintain certificate validity, the certificate holder must undergo annual announced audits as well as brief assessments during the year with a positive result.
- Unannounced audits are possible in specific cases.
How do we audit?
- Professional online assessment
Assessment of the online shop from a user's or customer's perspective (including test order).
- Online server check
Assessment of the online shop from a “hacker's” perspective, covering the web application and the online shop's IT systems that can be reached online.
- On-site audit
Assessment of the “behind the scenes” processes associated with the online shop.
What is beyond the scope of certification according to standard TÜV SÜD [email protected]?
- [email protected] certification is no product certification. Certification thus does not provide any direct statements on the quality of a product or service offered in the certified online shop. Certification according to TÜV SÜD [email protected] does not mean that the online shop offers products or provides services of higher quality.
- [email protected] shopping certification does not constitute an audit or certification of the entire organisation that operates the respective online shop (i.e. it is not a company certification).
- Certification does not include in-depth assessment of all partners integrated in or linked to the online shop and their applications (e.g. payment service providers, logistics partners).
- [email protected] certification cannot guarantee 100 % certainty and security in online shopping, even though this is one of the key objectives of the [email protected] shopping standard.