During its investigations targeting companies, the CNIL is entitled to verify compliance with the GDPR of the processing of personal data in the context of their commercial activities, as we regularly see during the sanctions imposed, but also in terms of management of their human ressources. Data relating to employees is – in the same way as that of customers – strictly governed by regulations.
Companies must therefore constantly ensure that they respect their obligations in this area and scrupulously ensure that they inform their employees of how this data is managed – even though they often do not give priority to this subject during their reflections, as recalls Alan Walter in an interview with Arnaud Dumourier for Lex Inside.
Check out this interview here.