The open source PIA software helps to carry out data protection impact assessment

30 June 2021

The PIA software aims to help data controllers build and demonstrate compliance to the GDPR. The tools is available in French and in English. It facilitates carrying out a data protection impact assessment, which will become mandatory for some processing operations as of  25 May 2018. This tool also intends to ease the use of the PIA guides published by the CNIL. 

Who can use the PIA software?

The tool is mainly addressed to data controllers who are slightly familiar with the PIA process. In this regard, a stand-alone version can be downloaded and easily launched on your computer.

It is also possible to use the tool on an organisation’s servers in order to integrate it with other tools and systems already used in-house.

What is it?

The PIA tool has been designed around three principles:

  • A didactic interface to carry out PIAs: the tool relies on a user-friendly interface to allow for a simple management of your PIAs. It clearly unfolds the privacy impact assessment methodology step by step. Several visualisation tools offer ways to quickly understand the risks.
  • A legal and technical knowledge base: the tool includes the legal points ensuring the lawfulness of processing and the rights of the data subjects. It also has a contextual knowledge base, available along all the steps of the PIA, adapting the contents displayed. The data are extracted from the GDPR, the PIA guides and the Security Guide from the CNIL, to the aspect of the processing studied.
  • A modular tool: designed to help you build your compliance, you can customise the tool contents to your specific needs or business sector, for example by creating a PIA model that you can duplicate and use for a set of similar processing operations. Published under a free licence, it is possible to modify the source code of the tool in order to add features or include it into tools used in your organisation. 

Portable Version

This version can be directly downloaded and launched on your computer with no need to install it locally.

It is available for the following operating systems:

Web version

This version has to be deployed on your organisation’s servers. It is available in a front-end or back-end mode.

The code is open source so it is possible to adapt it to your existing computing environment. 


You can watch the video tutorial to get started with the PIA software!

> Watch the video on you tube

Frequently asked questions and known issues (v 2.0)

This FAQ covers frequently asked questions received. We encourage you to read the help available in the software as well if you encounter an issue while using it.

Installation and update of the software

On which server can the PIA tool be deployed?

The PIA tool can be deployed on any kind of server. The optimal system requirements are the following:

  • CPU : i5;
  • Ram : 4Go;
  • Disk Space : 20Go;
  • Operating System : preferably Linux bot others OS work as well.

The installation procedure is described on the pia-back github page. An installation runbook for Ubuntu server 17.10 is also available.

I encounter installation issues for the server version, what can I do?

If you encounter any issue while installing the server version, you should check open issues on the front-end and back-end github repositories. If you don’t find an answer there, we encourage you to open a new one to share your specific problem in the corresponding issue page of each repository.

How to set the remote server in the tool?

To connect the front-end to a remote server, you need to go on the setting page accessible from the “Tools” menu. Enter the remote server url and click on update url.

How to update the PIA tool ?

Updates have to be made manually.

How often new releases of the tool will be published?

New versions of the tool are released every 4 to 6 months.

Using the software

A third-party software blocks the PIA software, what should I do?

To solve this issue, please contact your IT service or refer to the third-party software manual to authorise the execution of the PIA tool.

I can’t submit a section for evaluation

To submit a section of the PIA for evaluation, all fields must be filled. Please check if this is indeed the case. When editing a risk, it is mandatory to enter one measure that adresses the risk.

I can’t access the DPO opinion page

This page is only available once all sections of the PIA have been evaluated and have been submitted for validation.

Where are stored the data when using the portable version of the tool?

Data are stored in the following folders according to your OS:

  • Windows : "C:\Users\Username\AppData\Roaming\PIA"
  • MacOS : "/Users/username/Library/Application Support/PIA"
  • Linux : "~/.config/$YOUR_APP_NAME"

Contributing to the tool

How can I submit a translation to the tool or edit an existing one?

If you wish to submit a new translation or edit an existing one, please follow the steps described in this tutorial.

Known issues

The pdf export of the PIA report is not exported correctly

This issue is linked to the operating system or browser used to access the PIA tool as the pdf is generated through either one of them. Therefore, the pdf export can widely differ from one environment to the other. If you encounter problem while exporting the report in a pdf format, we encourage you to export the report in a text format first, available from the report display page.