On 10 July 2020, the French DPA (CNIL) published Guidelines on authorized third parties, which present the problems that may arise and best practices for controllers when processing such an authorized third parties’ request for the communication of personal data.
In addition, the CNIL also published a collection of the main procedures listing the entities likely to request such communication of personal data.
The press release is available here, the Guidelines here, and the procedures here (all available only in French).
