[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fUsqk_TCh3Bfx1zASR74RyjiowQIWebkOqht0e3QiQn8":3,"$fDuOfbrGklFg9DNstLQj01v77JKgm8YTNP3W1V3nd5U4":58,"white_papers":223},{"tableOfContents":4,"markDownContent":5,"htmlContent":6,"metaTitle":7,"metaDescription":8,"wordCount":9,"readTime":10,"title":7,"nbDownloads":11,"excerpt":12,"lang":13,"url":14,"intro":15,"featured":4,"state":16,"author":17,"authorId":18,"datePublication":22,"dateCreation":23,"dateUpdate":24,"mainCategory":25,"categories":41,"metaDatas":47,"imageUrl":48,"imageThumbUrls":49,"id":57},false,"*When handling a data subject rights request, providing a document to the requester is (very) often unavoidable: a copy of an ID, a contract, an account history, a customer file. These documents almost always contain information that cannot be disclosed as-is: data relating to third parties, internal contractual references, named individuals, etc.*\n\n*Redacting these documents is a step in its own right when processing the request. Yet the way most organizations go about it today is both costly, time-consuming, and dangerously insufficient.*\n\n*Dastra builds it directly into the workflow, without leaving the platform, with or without AI assistance.*\n\n---\n\n## What your “redacted documents” are really hiding\n\nFor years, legal and compliance teams have considered that placing an opaque block over a document is enough to conceal sensitive information. That is false, and data protection authorities regularly remind organizations of this. A visual mask applied to a non-flattened PDF can be **removed in a matter of seconds**, using any PDF editor, or even by a simple copy-paste into a word processor. The underlying text remains intact, readable, and extractable.\n\nThis is a **compliance breach**. Public authorities, law firms, and healthcare providers have transmitted supposedly redacted documents that in fact revealed third-party names, social security numbers, and confidential contractual information. In some cases, the consequences have been GDPR fines, litigation, and an irreparable loss of trust.\n\n---\n\n## An operational cost that few organizations truly measure\n\nRedaction is an expense item that often remains invisible in budgets, but very real in hours spent.\n\nTake a concrete example: a company receives 200 data subject rights requests per month (access, erasure, portability...). Each request involves the transmission of one or more documents: account statements, contracts, customer files. Each of these documents must be reviewed, third-party data identified and masked, and the file checked before it is sent.\n\nIn practice, this ties up a lawyer or DPO for 15 to 45 minutes per case. Across 200 cases, that amounts to **50 to 150 hours per month** dedicated to a repetitive task, highly prone to human error, that generates no added value but exposes the organization to sanctions if done poorly.\n\nAnd that figure does not include indirect costs: often expensive third-party redaction tools, external legal providers brought in for complex cases, and the time lost switching between multiple software tools without a clear workflow.\n\n---\n\n## When redaction becomes a compliance lever\n\nThe question is not *whether* your teams need to redact documents, but *how* they do it and at what cost.\n\nA redaction tool integrated directly into the data subject rights request workflow fundamentally changes the equation. **Dastra built this feature not as an add-on module, but as a native step in request processing: accessible from the transmission interface, without switching to another tool.**\n\nThe contribution of artificial intelligence in this context is particularly significant: instead of line-by-line reviewing a 20-page document to identify third-party names, addresses, and identifiers, AI automatically suggests the areas to be masked. The human operator validates, adjusts, completes, and retains control over the final decision.\n\nThe resulting document is then rasterized, archived in the request file, and the original is retained for the compliance record. Traceability is complete, and risk exposure is minimized.\n\n---\n\n## What this changes concretely for your organization\n\nBeyond compliance, the challenge is to **turn a burdensome task into a controlled process**.\n\nOrganizations handling large volumes of requests know that data subject rights management is one of the most costly friction points in their compliance program. Redaction is often the bottleneck.\n\nFaster processing also means a **shorter response time**: the GDPR requires a response to an access request within one calendar month. When redaction takes several days because the relevant lawyer is unavailable, or because the document must go through an external provider, meeting the deadline becomes difficult to guarantee.\n\nFinally, there is the matter of **trust**. Sending a client a properly redacted document, on time, without exposing a third party’s data, is a **strong signal of maturity in data protection.** At a time when data breaches are regularly publicized, it is also a **competitive** advantage.\n\n---\n\n## Compliant redaction is no longer an option\n\nThe GDPR introduced the principle of *privacy by design*: data protection must be built into processes from the outset, not added afterwards. Manual redaction (copy-paste, black rectangle, non-flattened PDF export) is the opposite of that principle.\n\nOrganizations that take compliance seriously can no longer afford to treat redaction as a peripheral manual task. It must become a **structured, supported, and traceable process**, just like managing the processing register or carrying out DPIAs.\n\nThat is exactly what Dastra has built: not yet another redaction tool, but an integrated building block that makes compliant redaction a natural step in data subject rights processing.\n\n## Compliant redaction with Dastra\n\nRedact documents attached to a data subject rights request directly from Dastra, with or without AI assistance.\n\n**Assisted redaction**\n\nWhen redaction starts, the document is analyzed and areas likely to contain third-party personal identifiers are automatically detected: names, addresses, contact details, identification numbers. These areas are preselected directly on the document. The team removes false positives with one click and manually completes any missed areas before validating.\n\n**Manual redaction**\n\nFor teams that prefer to keep full control, fully manual redaction is available in the same interface. The areas to be masked are selected directly on the document, with no automatic suggestions.\n\n**Generation of the redacted document**\n\nOnce the review is complete, the redacted document is generated. The output file is rasterized: the underlying text is not merely visually hidden, it is made permanently inaccessible and cannot be extracted from the final file. The redacted document is automatically attached to the request and available for sending. The original is retained or deleted according to the organization’s policy.\n\n> *For more information, see [this article.](https://www.dastra.eu/en/blog/new-version-204-data-redaction/60110)*\n\n## Best practices\n\n**Review before sending.** The redacted document should always be reviewed before transmission. A missed or poorly delimited area may be enough to expose third-party data.\n\n**Keep the original.** The unredacted original should be retained in the request file for your compliance record, unless your internal policy explicitly requires deletion.\n\n**Adapt the method to the document.** For large or structurally complex documents (multi-page contracts, bank statements, medical files), manual page-by-page review remains essential, whatever detection mode is used.\n\n**Do not send the original by mistake.** In a fast-moving process, there is always a risk of sending the wrong file. Make sure the document attached to the outgoing message is the redacted version, not the original.\n\n**Check metadata.** Some PDF files contain metadata (author, comments, revision history) that may include confidential information. Make sure the generated document does not carry residual information in its properties.\n\n**Document redaction decisions.** When a redaction decision is debatable (information partly related to the requester and partly to a third party), record the justification retained in the request file. This makes it easier to defend your position in the event of a challenge.\n\n{% button href='https://www.dastra.eu/en/contacts/demo' text='Request a Dastra demo ' target='\\_blank' role='button' class='btn btn-primary' %}\n\n---\n\n*Dastra is a Privacy & AI compliance management platform designed for legal, DPO, and compliance teams. The redaction feature is available directly in the data subject rights management module.*","\u003Cp>\u003Cem>When handling a data subject rights request, providing a document to the requester is (very) often unavoidable: a copy of an ID, a contract, an account history, a customer file. These documents almost always contain information that cannot be disclosed as-is: data relating to third parties, internal contractual references, named individuals, etc.\u003C/em>\u003C/p>\n\u003Cp>\u003Cem>Redacting these documents is a step in its own right when processing the request. Yet the way most organizations go about it today is both costly, time-consuming, and dangerously insufficient.\u003C/em>\u003C/p>\n\u003Cp>\u003Cem>Dastra builds it directly into the workflow, without leaving the platform, with or without AI assistance.\u003C/em>\u003C/p>\n\u003Chr />\n\u003Ch2 id=\"what-your-redacted-documents-are-really-hiding\">What your “redacted documents” are really hiding\u003C/h2>\n\u003Cp>For years, legal and compliance teams have considered that placing an opaque block over a document is enough to conceal sensitive information. That is false, and data protection authorities regularly remind organizations of this. A visual mask applied to a non-flattened PDF can be \u003Cstrong>removed in a matter of seconds\u003C/strong>, using any PDF editor, or even by a simple copy-paste into a word processor. The underlying text remains intact, readable, and extractable.\u003C/p>\n\u003Cp>This is a \u003Cstrong>compliance breach\u003C/strong>. Public authorities, law firms, and healthcare providers have transmitted supposedly redacted documents that in fact revealed third-party names, social security numbers, and confidential contractual information. In some cases, the consequences have been GDPR fines, litigation, and an irreparable loss of trust.\u003C/p>\n\u003Chr />\n\u003Ch2 id=\"an-operational-cost-that-few-organizations-truly-measure\">An operational cost that few organizations truly measure\u003C/h2>\n\u003Cp>Redaction is an expense item that often remains invisible in budgets, but very real in hours spent.\u003C/p>\n\u003Cp>Take a concrete example: a company receives 200 data subject rights requests per month (access, erasure, portability...). Each request involves the transmission of one or more documents: account statements, contracts, customer files. Each of these documents must be reviewed, third-party data identified and masked, and the file checked before it is sent.\u003C/p>\n\u003Cp>In practice, this ties up a lawyer or DPO for 15 to 45 minutes per case. Across 200 cases, that amounts to \u003Cstrong>50 to 150 hours per month\u003C/strong> dedicated to a repetitive task, highly prone to human error, that generates no added value but exposes the organization to sanctions if done poorly.\u003C/p>\n\u003Cp>And that figure does not include indirect costs: often expensive third-party redaction tools, external legal providers brought in for complex cases, and the time lost switching between multiple software tools without a clear workflow.\u003C/p>\n\u003Chr />\n\u003Ch2 id=\"when-redaction-becomes-a-compliance-lever\">When redaction becomes a compliance lever\u003C/h2>\n\u003Cp>The question is not \u003Cem>whether\u003C/em> your teams need to redact documents, but \u003Cem>how\u003C/em> they do it and at what cost.\u003C/p>\n\u003Cp>A redaction tool integrated directly into the data subject rights request workflow fundamentally changes the equation. \u003Cstrong>Dastra built this feature not as an add-on module, but as a native step in request processing: accessible from the transmission interface, without switching to another tool.\u003C/strong>\u003C/p>\n\u003Cp>The contribution of artificial intelligence in this context is particularly significant: instead of line-by-line reviewing a 20-page document to identify third-party names, addresses, and identifiers, AI automatically suggests the areas to be masked. The human operator validates, adjusts, completes, and retains control over the final decision.\u003C/p>\n\u003Cp>The resulting document is then rasterized, archived in the request file, and the original is retained for the compliance record. Traceability is complete, and risk exposure is minimized.\u003C/p>\n\u003Chr />\n\u003Ch2 id=\"what-this-changes-concretely-for-your-organization\">What this changes concretely for your organization\u003C/h2>\n\u003Cp>Beyond compliance, the challenge is to \u003Cstrong>turn a burdensome task into a controlled process\u003C/strong>.\u003C/p>\n\u003Cp>Organizations handling large volumes of requests know that data subject rights management is one of the most costly friction points in their compliance program. Redaction is often the bottleneck.\u003C/p>\n\u003Cp>Faster processing also means a \u003Cstrong>shorter response time\u003C/strong>: the GDPR requires a response to an access request within one calendar month. When redaction takes several days because the relevant lawyer is unavailable, or because the document must go through an external provider, meeting the deadline becomes difficult to guarantee.\u003C/p>\n\u003Cp>Finally, there is the matter of \u003Cstrong>trust\u003C/strong>. Sending a client a properly redacted document, on time, without exposing a third party’s data, is a \u003Cstrong>strong signal of maturity in data protection.\u003C/strong> At a time when data breaches are regularly publicized, it is also a \u003Cstrong>competitive\u003C/strong> advantage.\u003C/p>\n\u003Chr />\n\u003Ch2 id=\"compliant-redaction-is-no-longer-an-option\">Compliant redaction is no longer an option\u003C/h2>\n\u003Cp>The GDPR introduced the principle of \u003Cem>privacy by design\u003C/em>: data protection must be built into processes from the outset, not added afterwards. Manual redaction (copy-paste, black rectangle, non-flattened PDF export) is the opposite of that principle.\u003C/p>\n\u003Cp>Organizations that take compliance seriously can no longer afford to treat redaction as a peripheral manual task. It must become a \u003Cstrong>structured, supported, and traceable process\u003C/strong>, just like managing the processing register or carrying out DPIAs.\u003C/p>\n\u003Cp>That is exactly what Dastra has built: not yet another redaction tool, but an integrated building block that makes compliant redaction a natural step in data subject rights processing.\u003C/p>\n\u003Ch2 id=\"compliant-redaction-with-dastra\">Compliant redaction with Dastra\u003C/h2>\n\u003Cp>Redact documents attached to a data subject rights request directly from Dastra, with or without AI assistance.\u003C/p>\n\u003Cp>\u003Cstrong>Assisted redaction\u003C/strong>\u003C/p>\n\u003Cp>When redaction starts, the document is analyzed and areas likely to contain third-party personal identifiers are automatically detected: names, addresses, contact details, identification numbers. These areas are preselected directly on the document. The team removes false positives with one click and manually completes any missed areas before validating.\u003C/p>\n\u003Cp>\u003Cstrong>Manual redaction\u003C/strong>\u003C/p>\n\u003Cp>For teams that prefer to keep full control, fully manual redaction is available in the same interface. The areas to be masked are selected directly on the document, with no automatic suggestions.\u003C/p>\n\u003Cp>\u003Cstrong>Generation of the redacted document\u003C/strong>\u003C/p>\n\u003Cp>Once the review is complete, the redacted document is generated. The output file is rasterized: the underlying text is not merely visually hidden, it is made permanently inaccessible and cannot be extracted from the final file. The redacted document is automatically attached to the request and available for sending. The original is retained or deleted according to the organization’s policy.\u003C/p>\n\u003Cblockquote>\n\u003Cp>\u003Cem>For more information, see \u003Ca href=\"https://www.dastra.eu/en/blog/new-version-204-data-redaction/60110\">this article.\u003C/a>\u003C/em>\u003C/p>\n\u003C/blockquote>\n\u003Ch2 id=\"best-practices\">Best practices\u003C/h2>\n\u003Cp>\u003Cstrong>Review before sending.\u003C/strong> The redacted document should always be reviewed before transmission. A missed or poorly delimited area may be enough to expose third-party data.\u003C/p>\n\u003Cp>\u003Cstrong>Keep the original.\u003C/strong> The unredacted original should be retained in the request file for your compliance record, unless your internal policy explicitly requires deletion.\u003C/p>\n\u003Cp>\u003Cstrong>Adapt the method to the document.\u003C/strong> For large or structurally complex documents (multi-page contracts, bank statements, medical files), manual page-by-page review remains essential, whatever detection mode is used.\u003C/p>\n\u003Cp>\u003Cstrong>Do not send the original by mistake.\u003C/strong> In a fast-moving process, there is always a risk of sending the wrong file. Make sure the document attached to the outgoing message is the redacted version, not the original.\u003C/p>\n\u003Cp>\u003Cstrong>Check metadata.\u003C/strong> Some PDF files contain metadata (author, comments, revision history) that may include confidential information. Make sure the generated document does not carry residual information in its properties.\u003C/p>\n\u003Cp>\u003Cstrong>Document redaction decisions.\u003C/strong> When a redaction decision is debatable (information partly related to the requester and partly to a third party), record the justification retained in the request file. This makes it easier to defend your position in the event of a challenge.\u003C/p>\n\u003Cdiv class=\"content-btn-container\">\u003Ca>\u003C/a>\u003C/div>\n\u003Chr />\n\u003Cp>\u003Cem>Dastra is a Privacy &amp; AI compliance management platform designed for legal, DPO, and compliance teams. The redaction feature is available directly in the data subject rights management module.\u003C/em>\u003C/p>\n","Redaction and GDPR: Why Your Current Method Is Not Enough","Data redaction: a legal necessity that your teams are still doing manually (and badly)",1211,7,0,null,"en","redaction-and-gdpr-why-your-current-method-is-not-enough","Document redaction: a legal necessity that your teams are still doing manually (and badly)","Published",{"id":18,"displayName":19,"avatarUrl":20,"bio":12,"blogUrl":12,"color":12,"userId":18,"creationDate":21},20352,"Leïla Sayssa","https://static.dastra.eu/tenant-3/avatar/20352/TDYeY3C8Rz1lLE/dpo-avatar-h01-150.png","2025-03-03T11:08:22","2026-07-01T14:06:00","2026-07-01T14:06:25.6891841","2026-07-01T14:11:20.4650394",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":11,"translations":31},2,"Blog","A list of curated articles provided by the community","blog","#28449a",[32,35,38],{"lang":33,"name":27,"description":34},"fr","Une liste d'articles rédigés par la communauté",{"lang":36,"name":27,"description":37},"es","Una lista de artículos escritos por la comunidad",{"lang":39,"name":27,"description":40},"de","Eine Liste von Artikeln, die von der Community verfasst wurden",[42],{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":11,"translations":43},[44,45,46],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},[],"https://static.dastra.eu/content/d40897b0-f620-4a19-be7f-b86ccccd9e90/visuel-article-4-original.jpg",[50,51,52,53,54,55,56],"https://static.dastra.eu/content/d40897b0-f620-4a19-be7f-b86ccccd9e90/visuel-article-4-1000.webp","https://static.dastra.eu/content/d40897b0-f620-4a19-be7f-b86ccccd9e90/visuel-article-4.webp","https://static.dastra.eu/content/d40897b0-f620-4a19-be7f-b86ccccd9e90/visuel-article-4-1500.webp","https://static.dastra.eu/content/d40897b0-f620-4a19-be7f-b86ccccd9e90/visuel-article-4-800.webp","https://static.dastra.eu/content/d40897b0-f620-4a19-be7f-b86ccccd9e90/visuel-article-4-600.webp","https://static.dastra.eu/content/d40897b0-f620-4a19-be7f-b86ccccd9e90/visuel-article-4-300.webp","https://static.dastra.eu/content/d40897b0-f620-4a19-be7f-b86ccccd9e90/visuel-article-4-100.webp",60138,{"total":59,"items":60,"parent":218},8,[61,82,102,124,146,167,185,201],{"id":62,"name":63,"description":64,"url":65,"color":66,"parentId":26,"count":12,"imageUrl":12,"parent":67,"order":59,"translations":72},20,"Inside Dastra","Go behind the scenes at Dastra: company news, culture, events, team highlights, and the people driving our GDPR solution.","dastra-life","#e3cf68",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":11,"translations":68},[69,70,71],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},[73,76,79],{"lang":33,"name":74,"description":75},"Vie de Dastra","Plongez dans les coulisses de Dastra : actualités internes, culture d’entreprise, événements, équipes et engagements. Découvrez qui se cache derrière notre solution RGPD.",{"lang":39,"name":77,"description":78},"Innerhalb von Dastra","Eintauchen in das Unternehmen",{"lang":36,"name":80,"description":81},"Dentro de Dastra","Sumérjase en la empresa",{"id":83,"name":84,"description":85,"url":86,"color":87,"parentId":26,"count":12,"imageUrl":12,"parent":88,"order":10,"translations":93},69,"Expertise","Gain insights from our experts on GDPR compliance, data protection, and privacy challenges. In-depth articles, professional analysis, and real-world best practices.","indepth","#000000",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":11,"translations":89},[90,91,92],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},[94,96,99],{"lang":33,"name":84,"description":95},"Bénéficiez des conseils de nos experts sur la conformité RGPD, la protection des données et les enjeux privacy. Articles de fond, analyses et retours d’expérience métier.",{"lang":39,"name":97,"description":98},"Fachwissen","Entdecken Sie die Artikel unserer DSGVO-Experten",{"lang":36,"name":100,"description":101},"Experiencia","Descubre los artículos de nuestros expertos en Privacy",{"id":103,"name":104,"description":105,"url":106,"color":107,"parentId":26,"count":12,"imageUrl":12,"parent":108,"order":113,"translations":114},4,"Use cases","Discover how companies use Dastra to manage their GDPR compliance. Testimonials, use cases, and real-world integrations of our privacy management solution.","case-studies","#b61b9c",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":11,"translations":109},[110,111,112],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},6,[115,118,121],{"lang":33,"name":116,"description":117},"Retours d'expérience","Découvrez comment les entreprises utilisent Dastra pour piloter leur conformité RGPD. Témoignages, cas d’usage et intégrations concrètes de notre solution de privacy management.",{"lang":39,"name":119,"description":120},"Case Studies","Entdecken Sie die Erfahrungsberichte unserer Kunden",{"lang":36,"name":122,"description":123},"Casos prácticos","Descubra los testimonios de nuestros clientes",{"id":125,"name":126,"description":127,"url":128,"color":129,"parentId":26,"count":12,"imageUrl":12,"parent":130,"order":135,"translations":136},10,"Release notes","Keep up with the latest features of Dastra: product updates, new functionalities, and improvements to our GDPR compliance and data management platform.","release","#8c316a",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":11,"translations":131},[132,133,134],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},5,[137,140,143],{"lang":33,"name":138,"description":139},"Notes de version","Restez informé(e) des dernières fonctionnalités de Dastra : mises à jour, évolutions produit et améliorations de notre solution de conformité RGPD et de gestion des données personnelles.",{"lang":39,"name":141,"description":142},"Veröffentlichungen","Alle Versionshinweise und Funktionen von Dastra",{"lang":36,"name":144,"description":145},"Lanzamientos","Todas las notas de la versión e información sobre las funciones de Dastra",{"id":147,"name":148,"description":149,"url":150,"color":151,"parentId":26,"count":12,"imageUrl":12,"parent":152,"order":103,"translations":157},9,"News","Stay up to date with the latest news from data protection authorities: decisions, fines, guidelines, and regulatory trends in GDPR and privacy.","news","#1676ca",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":11,"translations":153},[154,155,156],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},[158,161,164],{"lang":33,"name":159,"description":160},"Actualités","Suivez les dernières actualités des autorités de protection des données (CNIL, EDPS, etc.) : décisions, sanctions, lignes directrices et tendances réglementaires en matière de RGPD et de privacy.",{"lang":36,"name":162,"description":163},"Actualidad","Todos los artículos relativos a las autoridades de protección de datos",{"lang":39,"name":165,"description":166},"Nachrichten","Alle Artikel mit Bezug zu Datenschutzbehörden",{"id":168,"name":169,"description":170,"url":171,"color":87,"parentId":26,"count":12,"imageUrl":12,"parent":172,"order":177,"translations":178},221,"AI Governance","Best practices, regulatory frameworks and real-world insights to manage AI responsibly and in compliance with the AI Act.","ai-governance",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":11,"translations":173},[174,175,176],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},3,[179,182],{"lang":33,"name":180,"description":181},"Gouvernance de l'IA","Bonnes pratiques, cadres réglementaires et retours d'expérience pour piloter l'IA de façon responsable et conforme à l'AI Act.",{"lang":39,"name":183,"description":184},"KI-Governance","Best Practices, regulatorische Rahmenbedingungen und Praxiserfahrungen für einen verantwortungsvollen KI-Einsatz im Einklang mit dem AI Act.",{"id":186,"name":187,"description":188,"url":189,"color":87,"parentId":26,"count":12,"imageUrl":12,"parent":190,"order":26,"translations":195},220,"Compliance","Regulatory news, practical guides and analysis to keep your organization compliant with the GDPR and beyond.","compliance",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":11,"translations":191},[192,193,194],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},[196,199],{"lang":33,"name":197,"description":198},"Conformité","Actualités réglementaires, guides pratiques et analyses pour maintenir votre organisation en conformité RGPD et au-delà.",{"lang":39,"name":187,"description":200},"Regulatorische Neuigkeiten, Praxisleitfäden und Analysen, um Ihre Organisation DSGVO-konform und darüber hinaus aufzustellen.",{"id":202,"name":203,"description":204,"url":205,"color":87,"parentId":26,"count":12,"imageUrl":12,"parent":206,"order":211,"translations":212},219,"Privacy","Principles, techniques and trends in personal data protection — from privacy by design to data subject rights.","privacy",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":11,"translations":207},[208,209,210],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},1,[213,215],{"lang":33,"name":203,"description":214},"Principes, techniques et tendances autour de la protection des données personnelles — de la privacy by design aux droits des personnes.",{"lang":39,"name":216,"description":217},"Datenschutz","Grundsätze, Methoden und Trends zum Schutz personenbezogener Daten — von Privacy by Design bis zu Betroffenenrechten.",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":11,"translations":219},[220,221,222],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},{"items":224,"total":261,"size":211,"page":211},[225],{"title":226,"nbDownloads":59,"excerpt":12,"lang":13,"url":227,"intro":228,"featured":4,"state":16,"author":229,"authorId":18,"datePublication":230,"dateCreation":231,"dateUpdate":232,"mainCategory":233,"categories":239,"metaDatas":247,"imageUrl":251,"imageThumbUrls":252,"id":260},"Your Checklist to Multi-State Privacy Impact Assessments ","your-checklist-to-multi-state-privacy-impact-assessment-compliance","Master multi-state Privacy Impact Assessments by downloading this checklist.",{"id":18,"displayName":19,"avatarUrl":20,"bio":12,"blogUrl":12,"color":12,"userId":18,"creationDate":21},"2026-02-23T10:07:00","2026-02-23T10:07:01.6114712","2026-02-24T15:38:38.0037058",{"id":234,"name":235,"description":12,"url":236,"color":237,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":177,"translations":238},70,"Livre blanc","white-papers","#1795d3",[],[240,245],{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":11,"translations":241},[242,243,244],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},{"id":234,"name":235,"description":12,"url":236,"color":237,"parentId":12,"count":12,"imageUrl":12,"parent":12,"order":177,"translations":246},[],[248],{"typeMetaDataId":103,"value":249,"id":250},"https://static.dastra.eu/backofficefilescontainer/6c9c6770-09f5-44d2-ac35-466a87c40426/US PIA Cross State Checklist Best Practices.pdf",117305,"https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-original.jpg",[253,254,255,256,257,258,259],"https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-1000.webp","https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18.webp","https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-1500.webp","https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-800.webp","https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-600.webp","https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-300.webp","https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-100.webp",59886,12]