Skip to content

Electronic archives & storage services: Auditing & certification of your trust service

Person tippt auf Laptop mit schwebendem Interface aus Ordner- und Dokumentensymbolen.

Become a qualified trust service provider (VDA) for long-term storage and become a secure source for signed documents

If, as a qualified trust service provider (TSP), you wish to offer services for the long-term preservation of signed documents, you must fulfil the security requirements set out in the eIDAS Regulation. This includes ensuring that the legal validity of qualified electronic signatures, seals and certificates remains verifiable beyond the period of their technological validity.

We support you in the effective implementation of the eIDAS Regulation: From the necessary testing to the conformity assessment (certification), we provide you with all the services that pave the way for successful qualification (award of qualification status) with your responsible supervisory body - in Germany the Federal Network Agency (BNetzA). This is the prerequisite for inclusion in the European eIDAS Trusted List of qualified providers (EU Trusted List - EUTL).

Are you already a qualified trust service provider and need to provide renewed proof that you are implementing the applicable provisions of the eIDAS Regulation, the ETSI standards and national legislation? We check your processes and documentation and carry out the re-certification.

Request a personalised quote now

Target group for certification of trust service providers for electronic archives and preservation services

Our offer is aimed at a wide range of organisations involved in the secure, legally binding distribution and use of digital archiving:

  • Organisations that already operate a qualified electronic trust service for electronic archives and preservation services or are planning to set up such a qualified service
  • Providers of digital identity services, certification services or trust services within the meaning of the eIDAS Regulation

The advantages of certification at a glance

  • Authorisation as a qualified trust service provider: You objectively prove that you fulfil the requirements of the eIDAS Regulation.
  • European recognition: You will be included in the EU Trusted Service List (TSL).
  • Access to the European Single Market: Your service can be used throughout the EU in a legally binding manner.
  • Transparent GAP analysis: We identify optimisation potential in your current implementation.
  • Training & expertise: With our training, your employees become your company's own eIDAS.PROFESSIONALs.

Your path to becoming a certified trust service provider for electronic archives and storage services

This is how we support you holistically:

Training & Qualification

  • eIDAS.PROFESSIONAL training for your employees

Concept & preparation

  • Overview of the legal requirements for trust services, including the relevant eIDAS requirements, relevant ETSI standards and evaluation of these requirements in the respective context
  • Explanation of the meaning of the Trust Service Practice Statement (TSPS) and introduction to the TÜV NORD certification programme, including normative and legal requirements, interpretations and other relevant aspects
  • Workshops and preliminary audits to identify non-conformities and potential for improvement through status analyses of the PKI or trust service and GAP analysis of existing documentation and processes

Testing & conformity assessment

Standards according to which we test:

  • eIDAS Regulation:
  • Article 34: Qualified preservation service for qualified electronic signatures
  • Article 40: Validation and preservation of qualified electronic seals
  • ETSI EN 319 401: Electronic Signatures and Infrastructures (ESI); General Requirements for Trust Service Providers
  • ETSI TS 119 511: Guidelines and security requirements for trust service providers for the long-term preservation of digital signatures or general data using digital signature techniques

Certification & re-certification

  • Conformity assessment and certification
  • Support for inclusion in the EU Trusted Service List

FAQ - Frequently asked questions about electronic archives and preservation services

Electronic archives are on the rise in the face of advancing digitalisation. In order to keep up with the times and with regard to aspects such as document management and archiving, rights management or revision security, many companies are working on gradually digitising their documents that were previously archived in paper form.

However, electronically signed, sealed or time-stamped documents are subject to different ageing processes than their paper counterparts. This is due to the mathematical algorithms used for signatures, seals and certificates. These lose their suitability over time, which ultimately leads to a loss of evidential value. The algorithms used in signatures, seals and certificates must therefore be updated at regular intervals.

Providers of special electronic archives, so-called preservation services, take care of this and ensure that the evidential value of the signed or sealed documents is maintained by renewing the ageing algorithms in good time.

Retention primarily describes the legally required storage of data and documents over defined periods of time. Archiving, on the other hand, is aimed at structured, long-term storage and retrievability - often beyond the legal requirements.

An electronic archive must be legally compliant, tamper-proof and audit-proof. Among other things, it must ensure that digital documents are traceable, complete and reproducible unchanged at all times - key requirements in accordance with eIDAS and GoBD (principles for the proper management and storage of books, records and documents in electronic form and for data access).

Reliable digital archiving of documents protects companies from data loss, legal risks and reputational damage. It ensures that documents are still valid and verifiable years later - even if the original signature technology is no longer up-to-date.

The eIDAS Regulation sets out requirements for qualified electronic archives and preservation services. These are intended to guarantee that signed data remains legally resilient in the long term - e.g. by regularly renewing cryptographic procedures.

Why we are a strong partner for you

  • Independence
    Our employees are not subject to any conflicts of interest, as they are not beholden to any product providers, system integrators, shareholders, interest groups or government agencies.
  • Expertise
    With us, you have one of the leading experts in the field of cyber security at your side, certified by the BSI as an IT security service provider for IS audits and penetration tests.
  • International network of experts
    Around the globe: We support you both nationally and internationally. Our global network of experts is at your side for all IT security issues.
  • Industry experience
    Thanks to our many years of experience in a wide range of sectors, we can serve companies from a wide range of industries.
  • Tailored to you
    We focus on customised services - and solutions - that are ideally suited to your current business situation and the goals you have set yourself.

Do you have any questions? We are happy to help!

Additional services

Hände tippen auf Laptop, umgeben von schwebenden Dokumentensymbolen.

Electronic signatures and seals

As an accredited testing and certification body, TÜVIT supports trust service providers from the planning of their services through the necessary tests to certification.
Read more
Hand stempelt Dokument, daneben schwebende Symbole von Dokumenten mit Häkchen.

Electronic seals

Become a qualified trust service provider (VDA) for electronic seals: We support you in planning your service(s), carry out tests according to eIDAS & ETSI and accompany you on your way to conformity assessment.
Read more
Hand hält Smartphone mit digitalem Dokument und Signatur-Symbol.

Remote signatures / remote seals

A trustworthy environment is the be-all and end-all when creating electronic remote signatures. To prove this objectively and be officially listed as a VDA, you must fulfil the requirements of the eIDAS Regulation.
Read more

Website authentication

Are you in the process of setting up or developing a qualified trust service for the creation of website certificates and would like to demonstrate compliance with the requirements of the eIDAS Regulation? Then you've come to the right (IT) address!
Read more
Person arbeitet an Laptop, umgeben von schwebenden digitalen Symbolen für Dokumente und Ordner.

Electronic time stamps

Would you like to be officially included in the European eIDAS trusted list of qualified providers as a VDA for electronic time stamps? We can support you with services such as planning, testing and conformity assessment.
Read more
Person hält Tablet mit schwebenden E-Mail-Symbolen, Laptop und Kaffeebecher im Hintergrund.

Electronic registration and delivery services

Become a qualified trust service for electronic registration and delivery services. We offer you: Training, workshops, planning your services, testing according to eIDAS & ETSI, conformity assessment (certification).
Read more
Hände tippen auf Laptop, umgeben von schwebenden digitalen Zertifikatsymbolen.

Validation services for electronic signatures, seals and time stamps

If you want to become a qualified trust service provider and be included in the EU Trusted Service List, your service must fulfil the requirements set out in the eIDAS Regulation. We can support you with this!
Read more
Hand hält digitales Zertifikat mit Häkchen und Sternen, umgeben von Dokumentensymbolen.

Modular services

With TÜVIT for eIDAS conformity of your modular service: We carry out the necessary tests according to eIDAS & ETSI, prepare a conformity assessment report and accompany you all the way to successful certification.
Read more
Person im Anzug nutzt Fingerabdrucksensor auf einem holografischen Login-Interface vor einem Laptop.

Electronic identification (eID)

Rely on us for the security of your eID service: We support you with training, workshops, GAP analyses, document checks and on-site audits on your way to qualification and EU notification.
Read more
Person interagiert mit einem digitalen Dokument auf einem Laptop, während sie ein Smartphone hält.

Qualified Signature Creation Device (QSCD)

As an accredited assessment and certification body for Common Criteria and QSCDs, we support trust service providers in the planning, assessment, certification and publication of QSCDs by the EU Commission.
Read more
Stadtverkehr mit Autos, die durch digitale Netzwerksymbole verbunden sind.

Cooperative Intelligent Transport Systems (C-ITS)

We support you on your way to an IT-secure C-ITS solution: from planning or further development to testing and certification in accordance with the security requirements of the European Commission.
Read more