Minimize Risk When Expanding Business in Asia

More than 70 percent of the world’s purchasing power is now located outside of the US and in recent years Asia-Pacific consumers spent more in ecommerce than those in North America. To meet the demand, companies are expanding operations in Asia. Global businesses come to TRUSTe when they want to mitigate risks when collecting, using and transferring customer or employee data from Asia-Pacific Economic Cooperation (APEC) Member Nations.

TRUSTe is an Accountability Agent approved to certify data transfer practices under the APEC Cross-Border Privacy Rules (CBPR) framework

The APEC CBPR framework is a voluntary self-regulatory initiative designed to ensure the continued free flow of personal information across borders, within the APEC membership, while establishing meaningful protection for the privacy and security of personal information. It is the first framework approved for the transfer of personal data between all 21 APEC Member countries with the U.S. being the first formal participant and the Federal Trade Commission serving as the first enforcement authority. TRUSTe was unanimously approved as the first APEC CBPR accountability agent. To view TRUSTe’s accountability agent participation documents click here

Global Brands Choose TRUSTe for APEC Certification

Companies doing business in the Asia-Pacific region choose TRUSTe for APEC Certification to demonstrate their commitment to consumer data privacy and protection under the APEC CBPR system.

To view a complete list of APEC Certified companies click here.

Key Benefits

  • Incident prevention & reduced legal risks – associated with meeting complex data privacy requirements
  • Independent assessment – by the APEC CBPRs first accountability agent, approved by all 21 APEC Member Nations
  • Full-service team of privacy experts – with practical in-house business process experience, by your side throughout the process
  • Detailed and actionable guidance – to implement immediate steps
  • Digital monitoring – powered by TRUSTe’s state-of-the-art privacy technology
  • Streamlined process minimizes disruption – to your daily business operations and lightens the load for your in-house team
  • Brand protection – against negative media coverage
  • Demonstrated privacy commitment to build trust – with users, clients, business partners, and regulators
  • Flexibility – to extend Assessments to full Certification for remediation guidance and validation

    Our Assessments provide you with the information you need to take control with specific steps to mitigate risks.

    Comprehensive Assessment

    We first define the scope of assessment by business units, product/service lines, and digital properties (websites, apps, cloud platforms). Then determine whether to extend review to employee data or offline practices. A dedicated Privacy Solutions Manager (PSM) works with your team to efficiently guide discovery of necessary information, including relevant data flows. We then evaluate your privacy policies and practices against the APEC CBPR requirements.

    Findings Report

    Our team delivers a findings report with a gap analysis dashboard and remediation recommendations so you have the privacy risk information you need to take actionable steps.

    Tracker Scanning

    TRUSTe will apply proprietary scanning technology to the applicable digital properties providing comprehensive insight into personally identifiable information (PII) data collection, first and third party trackers on your property, and level of risk through the Privacy Sensitivity Index (PSI).

    Ongoing Guidance

    You also get access to TRUSTe privacy experts for ongoing policy guidance, along with educational webinars, events, whitepapers, client advisories, privacy tips and research.


    With Assessment results in hand, you have the flexibility to choose whether to pursue full Certification.

    Remediation / Validation

    We assist with any necessary remediation steps, including providing relevant templates and process change advice. We then validate that your privacy statements accurately reflect your privacy practices and are consistent with APEC CBPR requirements.

    Dispute Resolution

    TRUSTe provides a third-party dispute resolution service, which helps you efficiently manage privacy inquiries from customers and addresses dispute handling requirements.

    Certified Seal / Attestation

    Once certified, we authorize your use of the TRUSTe APEC Privacy seal for display on your digital properties. The seal is hosted by TRUSTe and linked to a TRUSTe Validation Page to provide real-time verification along with an easy-to-understand consumer notice that you meet globally recognized privacy requirements, including the APEC CBPR framework. As proof of TRUSTe APEC Certification, an official Letter of Attestation can be shared with your business partners, providing your organization with competitive differentiation.


    We provide a number of service tracks specifically designed to tackle the most important privacy challenges faced by our clients. TRUSTe Asia Cross Border Assessments and Certifications are part of our broad range of privacy services. You may also be interested in our Enterprise, US-EU Safe Harbor Customer + HR Data, or Kids Privacy services to further expand your risk and compliance management efforts.

    General AssessmentsRegulatory Assessments
    Strategic PrioritiesPrivacy Impact (PIA)TRUSTe EnterpriseEU Safe Harbor Customer + HR DataAsia Cross Border (APEC)Kids / COPPA
    Privacy FrameworkPrivacy Maturity Model, OthersAny Relevant RequirementsFIPPs, OECD, GAPP, CalOPPA, OthersUS-EU Safe HarborAPEC CPBR’sCOPPA
    Assessment & Findings Report
    Tracker Scanning
    Ongoing Guidance
    Dispute Resolution
    Certifications (Optional Add-on)
    Remediation / Validation
    Dispute Resolution
    TRUSTe SealsTRUSTe Certified PrivacyTRUSTe APECTRUSTe Kids
    Other SealsEU Safe Harbor*
    * = TRUSTe provides guidance to prepare for DOC Safe Harbor filing

    TRUSTe Privacy Professionals

    TRUSTe Privacy Services are delivered by our Privacy Consultants and Privacy Services Managers, a team of recognized data privacy experts with significant experience conducting privacy assessments. Our team has a unique hybrid background of privacy, technology, business process, and project management experience. All are CIPP trained or certified, many have law degrees, and have hands-on experience working for a wide range of companies including Adobe, American Express, Citrix, Comcast, HSBC Bank, IBM, Kimberly-Clark, Microsoft, Pfizer, and many more.

    Our privacy team leverages nearly 20 years experience delivering data privacy management solutions for thousands of global brands along with our comprehensive technology platform. We also have key regulatory relationships and are a leading provider of privacy services supporting regulatory and self-regulatory compliance programs for a wide range of agencies including APEC, DOC, DAA, EDAA, and FTC.

    TRUSTe Technology Platform

    Our Data Privacy Management Services leverage the TRUSTe Platform, a comprehensive, SaaS technology solution that provides state of the art assessment management, compliance control, and website scanning / monitoring capabilities.

    Data privacy management platform from TRUSTe offering web, cloud, mobile and ad privacy solutions.