TRUSTe is an Accountability Agent approved to certify data transfer practices under the Asia-Pacific Economic Cooperation CBPR framework

Asia-Pacific Economic Cooperation (APEC) is the premier Asia-Pacific economic forum whose primary goal is to support sustainable economic growth and prosperity in the Asia-Pacific region. The APEC Cross Border Privacy Rules (CBPR) is the first framework approved for the transfer of personal data between all 21 APEC Member countries with the U.S. being the first formal participant and the Federal Trade Commission serving as the first enforcement authority.

What is the APEC privacy framework?

The APEC Privacy Framework is a framework developed by APEC’s Electronic Commerce Steering Group (ECSG). It is aimed at effective information privacy protection and the free flow of information in the Asia-Pacific region – two factors that are key to improving consumer confidence and ensuring the growth of electronic commerce.

What is the CBPR system?

The APEC Cross-Border Privacy Rules (CBPR) System is a voluntary self-regulatory initiative designed to ensure the continued free flow of personal information across borders, within the APEC membership, while establishing meaningful protection for the privacy and security of personal information.

APEC Privacy Certification Benefits

  • Improve Compliance - Reduce the legal risks associated with meeting complex data privacy management requirements
  • Protect Brand - Protect your brand from negative media coverage due to privacy issues
  • Build Trust - Build trust with users, clients, business partners, and regulators by demonstrating your commitment to protecting customer data
  • Maximize Resources - Save time and expense associated with hiring extra legal and operations resources to assess and manage your privacy practices



Key Features

TRUSTe APEC Privacy certifications follow a comprehensive and proven multi-step process to ensure your privacy practices meet applicable regulatory and industry standards.

Data Collection & Discovery

TRUSTe APEC privacy certifications begin with a review of your data privacy practices for collection, storage and transfer of personal information. We work with you to identify what data you collect, how you use it, who you share it with, third party agreements, use of trackers, privacy disclosures, opt-outs, and much more. We also review your stated privacy practices and policies. TRUSTe uses a combination of methodologies including a manual evaluation of your privacy practices by our team of privacy analysts, company interviews, and digital property scanning tools.

Digital Property Scanning Tools

TRUSTe will apply our scanning technology to the applicable websites and mobile apps, providing comprehensive insight into the variety of data collection activities happening throughout your site and apps. The scan will uncover what could take dozens to hundreds of hours to accomplish manually with internal resources. You’ll find the first and third party trackers with detailed information about them including identity, location, type of tracker and URL. The scan will also shed light into the tracking technologies used, and the entire chain of tracker source (“daisy chain”). You will also get a scoring and evaluation of third party tracker severity, using a proprietary algorithm that calculates its Privacy Sensitivity Index (PSI). It will also provide insights into personally identifiable information (PII) data collection.

Privacy Findings Report & Gap Analysis

We present you with a Privacy Findings Report summarizing a gap analysis between your privacy practices and the APEC Privacy Program Requirements along with the changes you need to make to your data privacy management practices and privacy policies to achieve certification. The TRUSTe Privacy Program Requirements are built upon the core principles of transparency, choice and accountability and they provide a comprehensive set of requirements based on applicable privacy regulations, industry self-regulatory requirements, and industry best practices.

Privacy Statement Validation

We validate that your new website privacy statement accurately reflects your privacy practices and is consistent with our Privacy Program Requirements.

Certified Privacy Seal

Once we validate that you've implemented the changes outlined in the Privacy Findings Report, you get access to the TRUSTe APEC Certified Privacy Seal. The seal is recognized globally as a high standard for privacy management and displayed on thousands of websites and apps. You can display the seal both on your privacy statement as well as in other prominent places like your website home page and site footer to demonstrate your commitment to privacy. The seal is hosted by TRUSTe and linked to a TRUSTe Validation Page to provide real-time verification that your website certification is current and valid.

Letter of Attestation

Once certification is complete, you can request a customized letter of attestation that your company is a TRUSTe client that has undergone a review and alignment with TRUSTe’s program requirements. This attestation can be shared with clients and business partners as part of RFPs and other processes reviews to complement the TRUSTe Seal, providing a competitive distinction and selling point.

Privacy Dispute Resolution Service

You also get access to our third-party dispute resolution service, which helps you efficiently manage privacy inquiries from customers. It also addresses the third-party dispute handling requirements for regulatory programs like the US-EU Safe Harbor Framework.

Ongoing Privacy Monitoring

The website Data Tracker Scanning technology used in your initial certification is be applied periodically to help you monitor the ongoing privacy risk for your certified websites. TRUSTe Website Monitoring Service can also include validation checks to alert you when something unexpected appears or if when needed content or functionality are not found.

Ongoing Privacy Guidance

TRUSTed Websites also provides you with access to ongoing privacy guidance as it relates to your TRUSTe certification, including new regulations, product plans, geographic expansion, and acquisitions. You’ll get access to TRUSTe Privacy Solutions experts along with Educational Webinars, Seminars, White Papers, and Research Reports.


TRUSTe Data Privacy Management Services

APEC Privacy Certification is part of our Data Privacy Management (DPM) Service solutions which includes assessments and a wide range of certifications. DPM Services are managed by a team of TRUSTe privacy experts who combine 15+ years of expertise, a proven methodology and the power of our industry leading DPM platform to deliver solutions to you.

TRUSTe Data Privacy Management Platform

The DPM Platform is our comprehensive, SaaS-based technology solution which is available stand-alone and also used by TRUSTe to deliver our DPM Services.

For more information, visit TRUSTe Data Privacy Management Platform.

Data privacy management platform from TRUSTe offering web, cloud, mobile and ad privacy solutions.
The TRUSTe DPM Platform
Watch the Video »

APEC Privacy Certification Datasheet
Download Now »

APEC Privacy Certified

Follow Us

About Truste

TRUSTe is the leading global Data Privacy Management (DPM) company and powers trust in the data economy by enabling businesses to safely collect and use customer data across their customer, employee, and vendor channels. Our SaaS-based DPM Platform gives users control over all phases of data privacy management from conducting assessments and implementing compliance controls to managing ongoing monitoring. Our DPM Services, including assessments and certifications, are delivered by an expert team of privacy professionals. Thousands of companies worldwide rely on TRUSTe to minimize compliance risk and protect their brand.