[rev_slider alias="slideme"]

Home / Fil d’actualité RGPD


10/07/2018 CJUE- The data protection regulation applies to religious communities

Co-responsibility of a religious community (Jehovah’s witnesses) and its preaching member: preaching by door-to-door is not an exclusively personal and domestic activity of each preacher, which would allow them to escape from the regulation, since it goes beyond their private sphere. The joint responsibility does not necessarily presuppose that each actor has access to personal data: the community organizing, coordinating … Read the rest


17/07/2018- CNIL – Closing of the formal notice against Genesis Industries Limited

Following the CNIL’s formal notice, the answers provided by Genesis and the subsequent controls from the CNIL, allowed to verify that the voice recognition, necessary for the toys to respond to the questions asked by the children, is no longer used. The discussions with the toys are no longer transferred to the servers of a third-party company outside the EU … Read the rest


02/07/2018 CNIL press release – What controls for 2018?

The CNIL’s controls in 2018 will follow the same lines as before, with investigations based on complaints and reports sent to the CNIL, verifications carried out following closures, formal notices or sanctions, missions carried out on the basis of current topics and the annual program of controls on the specific themes selected. For 2018, it concerns the processing of personal … Read the rest


02/07/2018 CNIL- Formal notice against the Institute of informatic and commercial techniques- CCTV: The constant surveillance of employees or students is excluded.

Is excessive any systems that constantly monitors employees or students, that is to say, to film both access to the establishment, the traffic and the places of life during business hours of the establishment, except in exceptional circumstances.

The obligation of information of the filmed person can be filled by mentioning it in the general conditions of inscription, a posting … Read the rest


01/07/2018- International/ Brazil – the LGPD should come into force within 18 months.

After 8 years of work and inspired by the 1995 European Directive, the 1st Brazilian law on the protection of personal data (LGPD) will come into force. It creates and standardizes a comprehensive system of protection with 10 legal bases to justify the processing of personal data (including consent), enhanced protection for so-called sensitive data (eg ethnic origin, political … Read the rest


28/06/2018 CNIL press release- The most common negligence in the security of websites.

The pitfalls quite easy to avoid and yet most often encountered concerning the security of the web sites are in particular: an authentication by a password too flexible, the absence of authentication rules to an account (the only incremental URL enough to access), the lack of encrypted data, the indexing of data in a search engine.

Read the rest

21/06/2018 CNIL- Sanction for the association for the development of fireplaces : 75K€.

Facts: Notification sent to the CNIL, which carries out an online check and warns the ADEF of a personal data breach (modification of the path of the URL displayed in the browser allowed access to documents registered by other applicants: taxi notices, passports, identity cards, residence permits, pay slips, CAF payment certificates, NIR, IBAN, etc. housing applicants who have made … Read the rest


21/06/2018 – Promulgation of Law No. 2018-493 of June 20, 2018 amending the LIL.

Update of certain provisions regarding the Data Protection Regulation, exercise of the national maneuvers foreseen in the Data Protection Regulation (eg age of numerical majority) and transposition of the Directive 2016/680 “Police Justice”.

According to the CNIL, an order for a complete rewriting of the law “Data processing and liberty” is planned within a period of six months, to allow … Read the rest