D-mark meaning: What is the D-mark?
In short, the D-mark is a label that attests, or verifies, that a company is in control of its data security and thus demonstrates digital responsibility - in other words, they have good cyber security. The label was introduced so that customers who show an interest in different companies can see that the company they are researching actually has digital security under control - and therefore your cyber security too. The same goes for business partners, and it can further increase the likelihood of a potential collaboration if they can see that you have the D-label.
The concept of standardization in the telecom industry, much like the D-mark in data security, can be traced back to the historical context of the Bell System Companies, which dominated the telecom sector before the 1984 antitrust lawsuit that led to its breakup and the subsequent standardization of telecommunication practices.
You can compare this to the certification for Danish e-retailers, who get an e-label and thus verify webshops so that customers can shop there with confidence. It can therefore document a strategy that complies with Danish rules - here the D-label is a stamp of good cyber security.
Many parties have therefore been involved in developing this label, including:
-
The Danish Industry Foundation
-
The Confederation of Danish Industry
-
Danish Business
-
SME Denmark
-
Consumer Council Tænk
-
And it is supported by the Danish Business Authority
The purpose of the D-mark is to improve online safety and thereby also create security for citizens who fall more easily into the social engineering trap, but also to create transparency about responsible data use. These are themes we focus on in our awareness training as well.
Definition and purpose
The D-mark is a certification label that verifies a company’s control over its data security and demonstrates digital responsibility. It serves as a stamp of good cyber security, documenting a company’s strategy that complies with Danish rules. The primary purpose of the D-mark is to provide reassurance to customers and business partners that a company takes good care of their information and handles it correctly. By displaying the D-mark, companies signal their commitment to maintaining high standards of data security and ethical data use, fostering trust and confidence among their stakeholders.
History and development
The D-mark was introduced as a result of extensive collaboration between various experts and organizations, including those specializing in IT security, law, privacy, and artificial intelligence. The initiative aimed to create a standardized label that would help customers and business partners easily identify companies with robust cyber security measures. The D-mark is akin to the certification for Danish e-retailers, which verifies webshops and allows customers to shop with confidence. By establishing the D-mark, the goal was to enhance online safety and transparency, ensuring that companies adhere to responsible data use practices.
Who can get a D-mark?
Only Danish companies can be awarded and display the D-label - if they can prove responsible data use.
If your company would like a D-label, you will need to go through an evaluation by the D-label advisory board, which will review your cybersecurity and data use. This board is made up of some of the country’s leading professionals with skills that span IT security, law, privacy and artificial intelligence, among others. If you’re interested in understanding how organizations demonstrate accountability and compliance, take a look at our guide on what is a data controller and a data processor.
Just as local access providers were required to implement demarcation points following the breakup of the Bell System Companies, Danish companies must adhere to specific regulations and standards to be awarded the D-mark.
How do you get a D-mark?
You need to meet a number of requirements, including levels of IT security and data ethics, to be awarded a D-mark. You can apply for a label on the D-mark website, where you can also sign up for the evaluation of your company’s data responsibility and cyber security. For more information on preparing your organization for evaluations, check out our guide on GDPR compliance and use of cookies.
Just as a demarcation point extension involves specific cabling and configuration to connect customer-premises equipment to the Public Switched Telephone Network, obtaining a D-mark requires meeting detailed criteria to ensure data security and compliance.
You can also undergo a self-assessment to ensure that your company actually meets the requirements before requesting an evaluation from the D-mark advisory board.
What are the criteria to be awarded a D-mark?
There are eight criteria that must be met in order for your company to be awarded a D-mark. However, not all companies must meet all of the requirements.
Much like an intelligent network interface device (smartjack) provides advanced functionality and monitoring in telecom networks, the D-mark criteria ensure that companies implement sophisticated and effective data security measures.
Four different types of business, or groups of businesses, are distinguished when awarding the D-mark. Companies are divided according to parameters such as number of employees, turnover and use of data and IT. The specific criteria are divided according to the group of companies.
The following requirements address IT security, responsible use, handling and storage of data, and also span data protection and the aforementioned data ethics.
-
Governance and anchoring in management
-
Awareness and secure behaviour
-
Technical IT security
-
Requirements for suppliers’ IT security and responsible use of data
-
Transparency and control of data
-
Privacy and security by design and default
-
Reliable algorithms and AI
-
Data ethics
There are thus many criteria to meet as a company, but as I said, it also provides reassurance for the consumer, who will hopefully buy your product or service that you offer. To gain a deeper understanding of best practices for secure data handling, explore our guide on network security: a top 10 of best practices.
Certification and standards
The D-mark certification is based on eight comprehensive criteria that companies must meet. These criteria are divided into four different types of businesses or groups of businesses, categorized based on parameters such as the number of employees, turnover, and the extent of data and IT usage. The criteria encompass various aspects of IT security, responsible data use, data handling and storage, and data protection and ethics. The D-mark advisory board, composed of leading professionals in relevant fields, reviews a company’s cybersecurity and data use to determine its eligibility for the certification. This rigorous evaluation ensures that only companies meeting the highest standards are awarded the D-mark.
Testing and certification process
Companies interested in obtaining the D-mark can apply for the label on the D-mark website. The process begins with a self-assessment, allowing companies to evaluate their current practices against the D-mark requirements. Once confident in their compliance, companies can request an evaluation from the D-mark advisory board. This thorough review process examines the company’s IT security measures, data handling practices, and adherence to Danish rules and regulations. Upon meeting all the necessary criteria, the company is awarded the D-mark certification, which can be proudly displayed on its website to signal its commitment to digital responsibility and data security.
A stronger digital Denmark in European countries
The more attention the D-mark gets, the more attractive it becomes to get it. And this also makes for a stronger digital Denmark. You can be more confident when you go online and find a provider you are interested in - if you can see that they have a D-mark, you also save a lot of time by knowing that they have already been through evaluations and meet many criteria to be a safe place to be.
Just as a local loop enables remote testing and troubleshooting in telecom networks, the D-mark helps ensure that companies maintain high standards of data security, contributing to a stronger digital infrastructure in Denmark.
You can also prepare for the new EU rules that will come into force with the new NIS2 directive - here it also helps to have the certification from the D-label, because you just have the cyber security in order.
This post has been updated on 21-01-2025 by Caroline Preisler.

Caroline Preisler
Caroline is a copywriter here at Moxso beside her education. She is doing her Master's in English and specializes in translation and the psychology of language. Both fields deal with communication between people and how to create a common understanding - these elements are incorporated into the copywriting work she does here at Moxso.
View all posts by Caroline Preisler