On November 6, 2018, the French Data Protection Authority (the “CNIL”) published its own guidelines on data protection impact assessments (the “Guidelines”) and a list of processing operations that require a data protection impact assessment (“DPIA”).
Source: CNIL Publishes DPIA Guidelines and List of Processing Operations Subject To DPIA