France: CNIL publishes guidelines on employees' right to data access

On 5 January 2022, the French data protection authority (CNIL) issued instructions on employees' right to access their personal data and professional emails. The guidelines acknowledge the following principles: (1) The organisation must verify the requestor's identity; (2) The organisation must provide a free response to the request; (3) The right of access only applies to personal data, not documents; (4) The exercise of the right of access must not jeopardise the rights of others.