The sanctions procedure


Following investigations, complaints or in case of breaches of the GDPR or of the Data Protection Act, the CNIL restricted committee may issue sanctions to controllers or processors.