GDPR toolkit

The GDPR provides a diversified toolbox enabling organizations to dynamically manage and demonstrate their compliance with the Regulation: records of processing activities, information statements, data protection impact assessments, transfer frameworks, legal frameworks, certifications or codes of conduct.

Record of processing activities

The recording obligation is stated by article 30 of the GDPR. It is a tool to help you to be compliant with the Regulation. The record is a document with inventory and analysis purposes, which must reflect the reality of your personal data…

Privacy Impact assessment (pia)

Where a processing is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall carry out a privacy impact assessment.

General Data Protection Regulation: a guide to assist processors

Who does it apply to? Applicable as from 25 May 2018, the GDPR imposes specific obligations on processors who may be held liable in the event of data breaches. These obligations apply to all organisations which process personal data on behalf…

Code of conduct

Codes of conduct are one of the new compliance tools provided by the GDPR. They allow a harmonisation of practices at the level of a sector of activity.

Les articles associés les plus consultés

Data, footprints and freedoms: discover the CNIL's new Innovation & Foresight report

13 September 2023

Closure of the injunction issued against GOOGLE

By decision of 13 July 2023, the CNIL's restricted committee closed the injunction issued on 31…

01 August 2023

“Sandbox”: CNIL launches call for projects on artificial intelligence in public services

28 July 2023

Les documents associés à cette thématique

Poster

Affiche - 10 conseils pour rester net sur le web

Guidelines

Infografics - DPIA

Guidelines

Guidelines on Data Protection Impact Assessment (DPIA)