CNIL (France): Difference between revisions

From GDPRhub
 
m ({{DataProtectionAuthorities}})
Line 69: Line 69:
[[Category:DPA]]  
[[Category:DPA]]  
[[Category:France]]
[[Category:France]]
{{DataProtectionAuthorities}}

Revision as of 22:20, 21 January 2020

Commission nationale de l'informatique et des libertés
LogoFR.png
Name: Commission nationale de l'informatique et des libertés
Abbreviation : CNIL
Jurisdiction: France
Head: Marie-Laure Denis
Secretary general: Jean Lessi
Adress: 3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07
Webpage: cnil.fr
Fax: +33 1 53 73 22 00
Phone: +33 1 53 73 22 22
Twitter: @CNIL and @CNIL_en
Procedural Law: n/a
Decision Database: Legifrance
Translated Decisions: Category:CNIL (France)
Head Count: n/a
Budget: n/a

The CNIL is the federal Data Protection Authority for France. It resides in Paris and is in charge of enforcing GDPR for France.

Structure

The CNIL has been created in 1978, introduced by the law "Informatique et Libertés". It is an independant administrative authority, led by a college of 18 members and a contract staff team. Twelve out of eight-teen members are elected or designated by the national authorites and courts to which they belong ( i.e Senate, National parlement,Economic and social committee, Supreme civil and administrative Courts, Court of Auditors and the Commission of access to administrative documents). The CNIL's president can recruit freely its other staff.

The CNIL issues orders and imposes fines within a restricted formation.

The composition, nomination and the organisational structure are laid down by Articles 9 to 18 of the Law "Informatique et Libertés".

You can find the organization chart, here

Procedural Information

Applicable Procedural Law

The CNIL operates under the law "Informatique et Libertés" under the conditions laid down by Articles 19 to 29.

Complaints Procedure under Art 77 GDPR

The Supreme administrative Court (the "Conseil d'Etat") is the first and last judicial intance before which the CNIL's decision are challenged, pursuant to Article R 311-1 of the Code of Administrative Justice.

Any CNIL's decision can be challenged within the four months following the notification of the decision, with the conditions and limits provided for in Articles R 411-1 to R 421-7 and R 432-1 to R 441-1 of the Code of Administrative Justice.

You can find the provisions of the Code of Administrative Justice in French, here.

Ex Officio Procedures under Art 57 GDPR

The CNIL can run ex officio procedures out of its own motion. Its powers are described under Article 8 of the law "Informatique et Libertés".

Practical Information

The CNIL provides an online service to submit a complaint (in French), here.

Statistics

You can help us filling this section!

EU/EEA/UK Data Protection Authorities
Austria · Belgium · Bulgaria · Croatia · Cyprus · Czech Republic · Denmark · Estonia · Finland (Åland) · France · Germany (Baden-Württemberg · Bavaria, private sector · Bavaria, public sector · Berlin · Brandenburg · Bremen · Hamburg · Hesse · Lower Saxony · Mecklenburg-Vorpommern · North Rhine-Westphalia · Rhineland-Palatinate · Saarland · Saxony · Saxony-Anhalt · Schleswig-Holstein · Thuringia ) · Greece · Hungary · Ireland · Italy · Latvia · Lithuania · Luxembourg · Malta · Netherlands · Poland · Portugal · Romania · Slovakia · Slovenia · Spain (Basque Country · Catalonia · AndalusiaSweden
Iceland · Liechtenstein · Norway · United Kingdom EDPS · EDPB