Documentation required by the CNIL, all reporting formalities to be made to the CNIL before the implementation of a personal data processing; depending on the case, it may be a declaration or a request for authorization.
As we can read on his page, the CNIL is the regulator of personal data:
In the digital world, the National Commission of Computing and Freedoms (CNIL) is the regulator of personal data. It supports professionals in their compliance and helps individuals to control their personal data and exercise their rights
THE CNIL DECLARATION
Since 2006, he has to declare any data file submitted to a personal data processing . Data processing, this means that if you collect, store (with a database), use, and / or transmit this data to commercial partners, an administrative formality must be established with the CNIL . and in the event of non-compliance, the penalty incurred by the person liable is a fine of up to € 300 000 and 5 years’ imprisonment.
EUROPEAN REGULATION ON
THE PROTECTION OF PERSONAL DATA
THE 6 OBLIGATIONS OF THE
GENERAL DATA PROTECTION REGULATION FOR MAY 2018:
Am I in compliance?