The National Data Protection Commission (Commission Nationale pour la Protection des Données – CNPD) is an independent public institution with legal personality. It is financially and administratively autonomous.
It verifies the legality of the processing of personal data and ensures the respect of personal freedoms and fundamental rights with regard to data protection and privacy.
The CNPD verifies if personal data is processed in accordance with the following provisions:
- the General Data Protection Regulation (GDPR);
- the Act of 1 August 2018 on the organisation of the National Data Protection Commission and the general data protection framework;
- the Act of 1 August 2018 on the protection of individuals with regard to the processing of personal data in criminal and national security matters;
- the Act of 30 May 2005 regarding the specific rules for the protection of privacy in the sector of electronic communications;
- other legal texts containing specific provisions on the protection of personal data.
The CNPD is not competent to supervise the processing of personal data carried out by courts of the judicial order, including the public prosecutor (ministère public), or the administrative order acting in their judicial capacities.
The current members of the CNPD are Ms Tine A. Larsen (Chair), Mr Thierry Lallemang (Commissioner), Mr Christophe Buschmann (Commissioner) and Mr Marc Lemmer (Commissioner).
From left to right: Thierry Lallemang, Tine A. Larsen, Christophe Buschmann and Marc Lemmer