FrEnCookies manager
FrEnCookies manager
  1. Home
  2. GDPR toolkit

GDPR toolkit

The GDPR provides a diversified toolbox enabling organizations to dynamically manage and demonstrate their compliance with the Regulation: records of processing activities, information statements, data protection impact assessments, transfer frameworks, legal frameworks, certifications or codes of conduct.

Record of processing activities

The record of processing activities allows you to make an inventory of the data processing and to have an overview of what you are doing with the concerned personal data.

General Data Protection Regulation: a guide to assist processors

Processors who process personal data on behalf of their clients have new responsibilities with regards to the GDPR. The CNIL has published a guide to raise their awareness and assist them in the practical implementation of their obligations.

Privacy Impact assessment (PIA)

Where a processing is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall carry out a privacy impact assessment.

Binding Corporate Rules (BCRs)

Binding Corporate Rules (BCRs) are an intra-group data protection policy for transfers of personal data outside of the European Union. They may cover all processing carried out by the organization or more specifically data transferred outside the…

Certification

Certification is a key compliance tool under the GDPR, helping to establish that a product, service, process, or data system is compliant with criteria approved by the CNIL or the EDPB.

Code of conduct

Codes of conduct are one of the new compliance tools provided by the GDPR. They allow a harmonisation of practices at the level of a sector of activity.

Les articles associés les plus consultés

The sanctions issued by the CNIL
The sanctions issued by the CNIL’s restricted committee since the entering into force of the GDPR.

12 February 2026

Digital Omnibus: EDPB and EDPS support simplification and competitiveness while raising key concern

12 February 2026

Sanctions and corrective measures: CNIL’s actions in 2025

09 February 2026

Les documents associés à cette thématique