About Astrid’s GDPR compliance certificates

Welcome to Astrid! It's likely you are visiting our site because you have been shown one of our GDPR compliance certificates.

Astrid is a secure online platform that shows small businesses what they need to do, and gives them the tools and information they need, to become and remain compliant with the General Data Protection Regulation (GDPR). Organisations that subscribe with Astrid are committed to protecting personal data. They have chosen to use our secure platform to help them improve their data protection and support them in their GDPR compliance.


The certification process

Our certificate confirms that an organisation has completed Astrid’s compliance process, creating technical and organisational measures to protect personal data and demonstrating their commitment to complying with the General Data Protection Regulation (GDPR).

This process includes:

  • Planning the compliance journey
    Identifying who is responsible for data protection in the organisation, what data the organisation uses and how they can protect that data
  • Putting robust systems in place
    Getting the right systems in place and managing subject requests
  • Getting the right security in place
    Reviewing their own security measures, ensuring security is in place for sharing or transferring personal data, managing data breaches
  • Managing staff equipment and training
    Logging equipment used to access data and training staff in their responsibilities
Our platform records the steps that organisations have gone through and securely stores their compliance evidence. When an organisation has completed the stages and staff training under the above process, they are awarded their certificate.

Please note that this is an unaudited process. Astrid does not guarantee that an organisation is compliant with the GDPR.

Authenticating an Astrid GDPR compliance certificate

  1. Certificate number
    Each certificate has a unique number in the top left hand corner of the certificate. If you want to check the validity of a certificate, this is the vital piece of information.
  2. Named company
    Each certificate clearly states the name of the company to which it applies. This name matches the name in which the Astrid subscription is made.
  3. Astrid signature
    Each valid certificate is signed by our Managing Director, Gerrard Fisher, as it is generated.
  4. Certificate date
    This identifies when the certificate was generated, once an organisation has completed our compliance process as detailed above.
  5. Expiry date
    Our certificates are valid for a 12 month period only. After that date, organisations are required to renew their subscription and demonstrate their continued compliance in order to receive a new certificate.
If you would like to double check with us that someone’s certificate is genuine, please contact us. providing us with the certificate number, name of the company certified and the certification date.

If we can help your organisation become and remain GDPR compliant and provide the evidence you need to demonstrate your compliance to customers, employees and other contacts, visit our services page via the button below.