French Data Protection – CNIL – GRPD


The data of your clients allows can identify them. Such data are protected and controlled under a specific regime, to ensure their privacy.

The Commission Nationale de l’Informatique et des Libertés (CNIL) ensures that collected personal data does not affect the rights of consumers and private persons. Specific regulations have been introduced to prevent abuse and must be complied with under severe penalty.

Entry into force of GRPD regulation in 2018 necessitates compliance work in every company.

Companies must be especially attentive to sensitive data (such as medical data), which are subject to a specific authorization system.

Being assisted during any CNIL proceeding is also necessary for risk limitation purposes.

Drafting Documents, Contracts and CNIL Declarations

  • GRPD compliance ;
    • Personal Data policies audit.
    • Drafting of legal documents (Personal data register, compliance documentation, contract analysis, etc).
  • Data Protection Officer nomination.
  • CNIl authorization request ;
  • Analysis and drafting of your data privacy policy ;
  • Data privacy website and corporate audit ;
  • Drafting of data privacy clauses for contracts or terms and conditions ;
  • Drafting and negotiating data transfer agreements ;
  • Drafting of in-house data privacy charter ;
  • Binding Corporate Rules (BCR) ;
  • Data privacy related to client support ;
  • E-reputation proceedings in a B2B or B2C environment : fake reviews, damage to reputation, identity theft, defamation, blackmail ;
  • Removal of problematic content from websites (images, texts, etc).

CNIL Litigation

  • Cease and desist letter ;
  • Litigation in case of slander, libel, harassment or damaged right to privacy ;
  • Right to be forgotten ;
  • Representation in CNIL proceedings.