GDPR Compliance
A Structured Approach to GDPR Compliance
Digeiz supports privacy-conscious analytics deployments through architecture, safeguards and clear processing roles.
The platform combines privacy by design, limited retention, aggregated outputs and deployment support to help clients operate analytics in public environments within a structured GDPR framework.
Clear roles matter
In Digeiz deployments, the client defines the purpose and context of the processing, while Digeiz provides and operates the analytics technology within that framework. This distinction is central to governance, visitor information and deployment choices.
Defines purpose, legal basis and visitor information
Provides processing technology, safeguards and analytics delivery
In Q4 2024, the CNIL — France's data protection authority — audited Digeiz's data processing and AI training practices. The scope covered software design, statistical outputs, AI training processes and privacy safeguards. The audit closed without sanctions or formal notice, with only two minor recommendations issued. The CNIL explicitly expressed confidence in Digeiz's ability to implement recommendations in a timely manner. A formal closing letter from the CNIL President (April 7, 2025) confirmed full GDPR compliance.
Aligned with core GDPR principles
The platform architecture reflects core GDPR principles: data minimization, limited retention, purpose limitation, and technical safeguards that reduce the risk of misuse for surveillance or individual identification.
Compliance is supported by the product design
Digeiz helps reduce privacy impact by processing images locally, deleting them quickly, retaining only aggregated outputs, and preventing the platform from becoming a tool for identity recognition.
Visitor information remains essential
Analytics deployments in public environments depend on clear information to visitors. Clients are responsible for that transparency, and Digeiz supports it through materials such as notices, web pages and QR-code based information access.
A shared compliance effort
Technology alone is not compliance. Legal basis, site communication, governance and deployment choices all matter. Digeiz provides a privacy-conscious technical foundation that supports compliant deployments.