The sanctions procedure

Following investigations, complaints or in case of breaches of the GDPR or of the Data Protection Act, the CNIL restricted committee may issue sanctions to controllers or processors.

The steps of the procedure of sanction

When a sanction is likely to be imposed, the CNIL Chair may appoint a “rapporteur” and refer to the restricted committee.

The powers of the restricted committee

In case of a non-compliance with the GDPR and the French Data Protection Act, the chair of the CNIL may refer to the restricted committee in order to make one or several measures pronounced at the end of a procedure during which the incriminated ...

The cooperation with the other European supervisory authorities

In certain cases, it is necessary to cooperate with the other European authorities, within a procedure of sanction or an order to comply.

The sanctions issued by the CNIL

The sanctions issued by the CNIL’s restricted committee since the entering into force of the GDPR.

Les documents associés à cette thématique

Poster

[Infographic] The law enforcement process

Poster

[Infographic] The procedure of sanction

Les mots clés associés à cette thématique

This can also interest you ...

Privacy Research Day : watch the replay

The CNIL has released the replay of the Privacy Research Day, the first international and interdisciplinary conference organized by the Commission, which took place on JUne 28th, ...

Privacy Research Day

Commercial prospecting and personal rights: TOTALENERGIES fined 1 million euros

The CNIL has issued an administrative fine of 1 million euros on TOTALENERGIES ÉLECTRICITÉ ET GAZ FRANCE, notably for failing to comply with its obligations regarding commercial ...

Cookies: the Council of State confirms the 2020 sanction imposed by the CNIL against Amazon

In its judgement of June 27 2022, the Council of State confirms the 35 million euro penalty imposed by the CNIL on Amazon in 2020. The company deposited cookies on users' computers...

Cookies and tracking devices