Thus, since 25 May 2018, the European regulation on the protection of personal data called GDPR (General Data Protection Regulation) has been in application.
All companies and administrations must demonstrate their compliance with the protection authority (CNIL). They must notify within 72 hours of a data breach. Finally, they must appoint a Data Protection Officer (DPO) to ensure compliance.
The interests of European citizens are strengthened through various rights, including the consent to use their personal data and the right to forget.