[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f8FAu1PWKdKmaYJY0YbWgAVnMxGORstGMFUNu2pkzLG8":3,"$fDuOfbrGklFg9DNstLQj01v77JKgm8YTNP3W1V3nd5U4":77,"white_papers":232},{"tableOfContents":4,"markDownContent":5,"htmlContent":6,"metaTitle":7,"metaDescription":8,"wordCount":9,"readTime":10,"title":11,"nbDownloads":12,"excerpt":13,"lang":14,"url":15,"intro":8,"featured":4,"state":16,"author":17,"authorId":18,"datePublication":22,"dateCreation":23,"dateUpdate":24,"mainCategory":25,"categories":41,"metaDatas":66,"imageUrl":67,"imageThumbUrls":68,"id":76},true,"The AI Act, or the Artificial Intelligence Regulation (Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024), has given rise to an entire market of tools dedicated to AI governance. But the most advanced organizations are not starting from scratch; they are instead building on what they have already developed.\n\nPrivacy, Compliance, and Risk Management teams are, in practice, becoming companies’ first AI Governance teams. This is not a deliberate organizational strategy choice: it is a direct consequence of the fact that the issues raised by AI are, for the most part, issues these teams already know how to handle.\n\nTo document this evolution, we cross-referenced data published by IAPP, Cisco, IBM, Microsoft, and McKinsey, as well as several European institutional sources. What these studies reveal together is more significant than what they say separately: GDPR, data governance, and AI governance are converging, and that convergence is already underway.\n\n---\n\n### Privacy teams are gradually becoming AI Governance teams\n\n\\\nOne of the most striking takeaways from recent studies lies less in the numbers themselves than in what they reveal about the quiet reconfiguration of organizations: AI governance is not being built from a blank slate. In nearly every case, it is being anchored in teams already responsible for data protection, data governance, or compliance.\n\nThis trend is no coincidence. The first questions raised when deploying an AI system invariably concern data: where it comes from, its quality, the individuals concerned, and the risks associated with its processing. These are precisely the questions Privacy teams have been trained to ask for years.\n\n### Key statistics\n\n- 69% of Chief Privacy Officers now have AI Governance responsibilities.\n- More than 80% of Privacy teams today have responsibilities extending beyond the GDPR regulatory framework alone.\n- 55% of Privacy professionals work in organizations where the Privacy function participates in AI governance.\n- 22% of organizations assign primary responsibility for AI governance to the Privacy function, compared with 22% to Legal and Compliance teams, 17% to IT, and 10% to Data Governance teams.\n- 67% of organizations where AI governance is led by the Privacy function say they are confident in their ability to comply with the AI Act requirements.\n\n> *Sources: IAPP Privacy Governance Report [2025](https://iapp.org/resources/article/ai-governance-profession-report) & [2024](https://iapp.org/resources/article/privacy-governance-report)*\n\n---\n\n### AI adoption is advancing much faster than governance frameworks\n\nEnterprise AI adoption is now massive and well documented. What is less visible, and more concerning, is the structural gap widening between the speed at which AI tools are deployed and organizations’ ability to govern them.\n\nThe phenomenon of *Shadow AI* (employees using AI tools without prior approval, often for fear of being seen as behind the curve) is becoming the leading AI governance risk in companies.\n\n### Key statistics\n\n- 75% of knowledge workers already use AI at work\n- 78% of users bring their own AI tools to work\n- 52% of users hesitate to disclose their AI use, and 53% fear being seen as replaceable if they use it\n- 79% of executives consider AI necessary to remain competitive, but **60% acknowledge they do not have a clear AI strategy**\n- 77% of organizations believe AI adoption is moving faster than their governance capabilities\n- Only **11% consider themselves fully prepared** for large-scale AI deployment\n\n> *Sources: [Microsoft Work Trend Index 2024](https://www.microsoft.com/en-us/worklab/work-trend-index/ai-at-work-is-here-now-comes-the-hard-part) / [IBM Institute for Business Value (CEO & CTO Generative AI Study)](https://www.ibm.com/thought-leadership/institute-business-value/en-us/report/ceo-generative-ai)*\n\n---\n\n### AI-related incidents look more like governance problems than algorithmic problems\n\nDebates around artificial intelligence often focus on models, their performance, or their bias.\n\nYet the most recent studies show that incidents observed within companies often originate elsewhere: lack of governance, insufficient access controls, poor third-party vendor management, and limited visibility into actual usage. The root causes of AI incidents are data governance problems, not model-tuning problems.\n\nThese issues are already well known to Privacy, Security, and Compliance teams.\n\n### Key statistics\n\n- 51% of organizations using AI have already experienced at least one negative AI-related consequence\n- Organizations are now managing on average **twice as many AI risks** as in 2022\n- 20% of companies have already suffered a Shadow AI-related breach, including 63% that had no formal AI governance policy, and **97% that lacked adequate AI access controls**\n- Breaches involving Shadow AI cost on average **$670,000 more**\n- The global average cost of a data breach reaches **$4.4 million**\n\n> *Sources: [McKinsey – The State of AI 2025](https://www.mckinsey.com/capabilities/quantumblack/our-insights/the-state-of-ai) / [IBM Cost of a Data Breach Report 2025](https://www.ibm.com/reports/data-breach) / [Cybersecurity Dive – Analysis of IBM Cost of a Data Breach Report](https://www.cybersecuritydive.com/news/artificial-intelligence-security-shadow-ai-ibm-report/754009/)*\n\n---\n\n### Privacy investments are already delivering the benefits sought in AI Governance programs\n\nAI Governance leaders generally aim to improve trust, transparency, risk control, and compliance.\n\nThese are precisely the benefits companies have attributed to their Privacy programs for several years.\n\nThe results published by Cisco show that investments made in this area are now widely perceived as value-generating.\n\n### Key statistics\n\n- 96% of organizations believe the benefits of their Privacy investments outweigh their costs.\n- The reported median ROI is **1.6x**, with 53% of companies seeing a return between 1x and 2x\n- 86% believe data protection regulations have a positive impact on their organization.\n- 99% consider independent assurance and certification mechanisms important when selecting vendors.\n- Organizations spend an average of $2.7 million per year on their Privacy programs.\n\n> *Sources: [Cisco Data Privacy Benchmark Study 2025](https://www.cisco.com/c/dam/en_us/about/doing_business/trust-center/docs/cisco-privacy-benchmark-study-2025.pdf)*\n\n---\n\n### The AI Act relies heavily on mechanisms already present in GDPR programs\n\nWhen examining the obligations imposed by the AI Act, a significant portion of the requirements concerns data, documentation, risk management, and traceability.\n\nThese mechanisms are already familiar to organizations that have structured their GDPR compliance.\n\nThe AI Act is not the GDPR. Its scope, logic, and actors are not identical. But it shares with the GDPR a governance architecture based on data, documentation, and accountability.\n\n#### Examples of convergence\n\n| AI Act | Privacy programs |\n| --- | --- |\n| AI system inventory | Record of processing activities |\n| Data governance | Data mapping |\n| Risk management | Impact assessment (DPIA) |\n| Technical documentation | Accountability |\n| AI vendor management | Processor management |\n| Post-deployment monitoring | Ongoing compliance controls |\n\n> *Regulatory references: [European Data Protection Board (EDPB) – AI Act and Data Protection Authorities Position Paper](https://www.edpb.europa.eu) / [EU AI Act – Article 10 (Data and Data Governance)](https://ai-act-service-desk.ec.europa.eu/en/ai-act/article-10)*\n\n---\n\n### What these figures reveal\n\nTaken individually, each of these figures is interesting, but taken together, they point to a much deeper shift: Privacy teams are gradually becoming central players in AI governance.\n\nOrganizations are investing in trust mechanisms that benefit both the GDPR and the AI Act. The incidents observed are often linked to data governance, access control, or vendor management issues. Finally, regulatory requirements rely heavily on assets already present in Privacy programs: inventories, mappings, impact assessments, controls, and documentation.\n\nThe point, therefore, is not to determine whether the GDPR and the AI Act are identical. They are not. The real question is whether it is still relevant to maintain two separate governance frameworks to oversee the same data, the same risks, the same vendors, and, increasingly, the same teams.\n\nThe numbers suggest that the most advanced organizations have already made their decision.\n\n---\n\n**Separating tools fragments accountability. Unifying them creates control.**\\\nDastra centralizes your Privacy and AI governance on a single platform. [Discover it here.](https://www.dastra.eu/en/contacts/demo)","\u003Cp>The AI Act, or the Artificial Intelligence Regulation (Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024), has given rise to an entire market of tools dedicated to AI governance. But the most advanced organizations are not starting from scratch; they are instead building on what they have already developed.\u003C/p>\n\u003Cp>Privacy, Compliance, and Risk Management teams are, in practice, becoming companies’ first AI Governance teams. This is not a deliberate organizational strategy choice: it is a direct consequence of the fact that the issues raised by AI are, for the most part, issues these teams already know how to handle.\u003C/p>\n\u003Cp>To document this evolution, we cross-referenced data published by IAPP, Cisco, IBM, Microsoft, and McKinsey, as well as several European institutional sources. What these studies reveal together is more significant than what they say separately: GDPR, data governance, and AI governance are converging, and that convergence is already underway.\u003C/p>\n\u003Chr />\n\u003Ch3 id=\"privacy-teams-are-gradually-becoming-ai-governance-teams\">Privacy teams are gradually becoming AI Governance teams\u003C/h3>\n\u003Cp>\u003Cbr />\nOne of the most striking takeaways from recent studies lies less in the numbers themselves than in what they reveal about the quiet reconfiguration of organizations: AI governance is not being built from a blank slate. In nearly every case, it is being anchored in teams already responsible for data protection, data governance, or compliance.\u003C/p>\n\u003Cp>This trend is no coincidence. The first questions raised when deploying an AI system invariably concern data: where it comes from, its quality, the individuals concerned, and the risks associated with its processing. These are precisely the questions Privacy teams have been trained to ask for years.\u003C/p>\n\u003Ch3 id=\"key-statistics\">Key statistics\u003C/h3>\n\u003Cul>\n\u003Cli>69% of Chief Privacy Officers now have AI Governance responsibilities.\u003C/li>\n\u003Cli>More than 80% of Privacy teams today have responsibilities extending beyond the GDPR regulatory framework alone.\u003C/li>\n\u003Cli>55% of Privacy professionals work in organizations where the Privacy function participates in AI governance.\u003C/li>\n\u003Cli>22% of organizations assign primary responsibility for AI governance to the Privacy function, compared with 22% to Legal and Compliance teams, 17% to IT, and 10% to Data Governance teams.\u003C/li>\n\u003Cli>67% of organizations where AI governance is led by the Privacy function say they are confident in their ability to comply with the AI Act requirements.\u003C/li>\n\u003C/ul>\n\u003Cblockquote>\n\u003Cp>\u003Cem>Sources: IAPP Privacy Governance Report \u003Ca href=\"https://iapp.org/resources/article/ai-governance-profession-report\" rel=\"nofollow\">2025\u003C/a> &amp; \u003Ca href=\"https://iapp.org/resources/article/privacy-governance-report\" rel=\"nofollow\">2024\u003C/a>\u003C/em>\u003C/p>\n\u003C/blockquote>\n\u003Chr />\n\u003Ch3 id=\"ai-adoption-is-advancing-much-faster-than-governance-frameworks\">AI adoption is advancing much faster than governance frameworks\u003C/h3>\n\u003Cp>Enterprise AI adoption is now massive and well documented. What is less visible, and more concerning, is the structural gap widening between the speed at which AI tools are deployed and organizations’ ability to govern them.\u003C/p>\n\u003Cp>The phenomenon of \u003Cem>Shadow AI\u003C/em> (employees using AI tools without prior approval, often for fear of being seen as behind the curve) is becoming the leading AI governance risk in companies.\u003C/p>\n\u003Ch3 id=\"key-statistics-1\">Key statistics\u003C/h3>\n\u003Cul>\n\u003Cli>75% of knowledge workers already use AI at work\u003C/li>\n\u003Cli>78% of users bring their own AI tools to work\u003C/li>\n\u003Cli>52% of users hesitate to disclose their AI use, and 53% fear being seen as replaceable if they use it\u003C/li>\n\u003Cli>79% of executives consider AI necessary to remain competitive, but \u003Cstrong>60% acknowledge they do not have a clear AI strategy\u003C/strong>\u003C/li>\n\u003Cli>77% of organizations believe AI adoption is moving faster than their governance capabilities\u003C/li>\n\u003Cli>Only \u003Cstrong>11% consider themselves fully prepared\u003C/strong> for large-scale AI deployment\u003C/li>\n\u003C/ul>\n\u003Cblockquote>\n\u003Cp>\u003Cem>Sources: \u003Ca href=\"https://www.microsoft.com/en-us/worklab/work-trend-index/ai-at-work-is-here-now-comes-the-hard-part\" rel=\"nofollow\">Microsoft Work Trend Index 2024\u003C/a> / \u003Ca href=\"https://www.ibm.com/thought-leadership/institute-business-value/en-us/report/ceo-generative-ai\" rel=\"nofollow\">IBM Institute for Business Value (CEO &amp; CTO Generative AI Study)\u003C/a>\u003C/em>\u003C/p>\n\u003C/blockquote>\n\u003Chr />\n\u003Ch3 id=\"ai-related-incidents-look-more-like-governance-problems-than-algorithmic-problems\">AI-related incidents look more like governance problems than algorithmic problems\u003C/h3>\n\u003Cp>Debates around artificial intelligence often focus on models, their performance, or their bias.\u003C/p>\n\u003Cp>Yet the most recent studies show that incidents observed within companies often originate elsewhere: lack of governance, insufficient access controls, poor third-party vendor management, and limited visibility into actual usage. The root causes of AI incidents are data governance problems, not model-tuning problems.\u003C/p>\n\u003Cp>These issues are already well known to Privacy, Security, and Compliance teams.\u003C/p>\n\u003Ch3 id=\"key-statistics-2\">Key statistics\u003C/h3>\n\u003Cul>\n\u003Cli>51% of organizations using AI have already experienced at least one negative AI-related consequence\u003C/li>\n\u003Cli>Organizations are now managing on average \u003Cstrong>twice as many AI risks\u003C/strong> as in 2022\u003C/li>\n\u003Cli>20% of companies have already suffered a Shadow AI-related breach, including 63% that had no formal AI governance policy, and \u003Cstrong>97% that lacked adequate AI access controls\u003C/strong>\u003C/li>\n\u003Cli>Breaches involving Shadow AI cost on average \u003Cstrong>$670,000 more\u003C/strong>\u003C/li>\n\u003Cli>The global average cost of a data breach reaches \u003Cstrong>$4.4 million\u003C/strong>\u003C/li>\n\u003C/ul>\n\u003Cblockquote>\n\u003Cp>\u003Cem>Sources: \u003Ca href=\"https://www.mckinsey.com/capabilities/quantumblack/our-insights/the-state-of-ai\" rel=\"nofollow\">McKinsey – The State of AI 2025\u003C/a> / \u003Ca href=\"https://www.ibm.com/reports/data-breach\" rel=\"nofollow\">IBM Cost of a Data Breach Report 2025\u003C/a> / \u003Ca href=\"https://www.cybersecuritydive.com/news/artificial-intelligence-security-shadow-ai-ibm-report/754009/\" rel=\"nofollow\">Cybersecurity Dive – Analysis of IBM Cost of a Data Breach Report\u003C/a>\u003C/em>\u003C/p>\n\u003C/blockquote>\n\u003Chr />\n\u003Ch3 id=\"privacy-investments-are-already-delivering-the-benefits-sought-in-ai-governance-programs\">Privacy investments are already delivering the benefits sought in AI Governance programs\u003C/h3>\n\u003Cp>AI Governance leaders generally aim to improve trust, transparency, risk control, and compliance.\u003C/p>\n\u003Cp>These are precisely the benefits companies have attributed to their Privacy programs for several years.\u003C/p>\n\u003Cp>The results published by Cisco show that investments made in this area are now widely perceived as value-generating.\u003C/p>\n\u003Ch3 id=\"key-statistics-3\">Key statistics\u003C/h3>\n\u003Cul>\n\u003Cli>96% of organizations believe the benefits of their Privacy investments outweigh their costs.\u003C/li>\n\u003Cli>The reported median ROI is \u003Cstrong>1.6x\u003C/strong>, with 53% of companies seeing a return between 1x and 2x\u003C/li>\n\u003Cli>86% believe data protection regulations have a positive impact on their organization.\u003C/li>\n\u003Cli>99% consider independent assurance and certification mechanisms important when selecting vendors.\u003C/li>\n\u003Cli>Organizations spend an average of $2.7 million per year on their Privacy programs.\u003C/li>\n\u003C/ul>\n\u003Cblockquote>\n\u003Cp>\u003Cem>Sources: \u003Ca href=\"https://www.cisco.com/c/dam/en_us/about/doing_business/trust-center/docs/cisco-privacy-benchmark-study-2025.pdf\" rel=\"nofollow\">Cisco Data Privacy Benchmark Study 2025\u003C/a>\u003C/em>\u003C/p>\n\u003C/blockquote>\n\u003Chr />\n\u003Ch3 id=\"the-ai-act-relies-heavily-on-mechanisms-already-present-in-gdpr-programs\">The AI Act relies heavily on mechanisms already present in GDPR programs\u003C/h3>\n\u003Cp>When examining the obligations imposed by the AI Act, a significant portion of the requirements concerns data, documentation, risk management, and traceability.\u003C/p>\n\u003Cp>These mechanisms are already familiar to organizations that have structured their GDPR compliance.\u003C/p>\n\u003Cp>The AI Act is not the GDPR. Its scope, logic, and actors are not identical. But it shares with the GDPR a governance architecture based on data, documentation, and accountability.\u003C/p>\n\u003Ch4 id=\"examples-of-convergence\">Examples of convergence\u003C/h4>\n\u003Ctable>\n\u003Cthead>\n\u003Ctr>\n\u003Cth>AI Act\u003C/th>\n\u003Cth>Privacy programs\u003C/th>\n\u003C/tr>\n\u003C/thead>\n\u003Ctbody>\n\u003Ctr>\n\u003Ctd>AI system inventory\u003C/td>\n\u003Ctd>Record of processing activities\u003C/td>\n\u003C/tr>\n\u003Ctr>\n\u003Ctd>Data governance\u003C/td>\n\u003Ctd>Data mapping\u003C/td>\n\u003C/tr>\n\u003Ctr>\n\u003Ctd>Risk management\u003C/td>\n\u003Ctd>Impact assessment (DPIA)\u003C/td>\n\u003C/tr>\n\u003Ctr>\n\u003Ctd>Technical documentation\u003C/td>\n\u003Ctd>Accountability\u003C/td>\n\u003C/tr>\n\u003Ctr>\n\u003Ctd>AI vendor management\u003C/td>\n\u003Ctd>Processor management\u003C/td>\n\u003C/tr>\n\u003Ctr>\n\u003Ctd>Post-deployment monitoring\u003C/td>\n\u003Ctd>Ongoing compliance controls\u003C/td>\n\u003C/tr>\n\u003C/tbody>\n\u003C/table>\n\u003Cblockquote>\n\u003Cp>\u003Cem>Regulatory references: \u003Ca href=\"https://www.edpb.europa.eu\" rel=\"nofollow\">European Data Protection Board (EDPB) – AI Act and Data Protection Authorities Position Paper\u003C/a> / \u003Ca href=\"https://ai-act-service-desk.ec.europa.eu/en/ai-act/article-10\" rel=\"nofollow\">EU AI Act – Article 10 (Data and Data Governance)\u003C/a>\u003C/em>\u003C/p>\n\u003C/blockquote>\n\u003Chr />\n\u003Ch3 id=\"what-these-figures-reveal\">What these figures reveal\u003C/h3>\n\u003Cp>Taken individually, each of these figures is interesting, but taken together, they point to a much deeper shift: Privacy teams are gradually becoming central players in AI governance.\u003C/p>\n\u003Cp>Organizations are investing in trust mechanisms that benefit both the GDPR and the AI Act. The incidents observed are often linked to data governance, access control, or vendor management issues. Finally, regulatory requirements rely heavily on assets already present in Privacy programs: inventories, mappings, impact assessments, controls, and documentation.\u003C/p>\n\u003Cp>The point, therefore, is not to determine whether the GDPR and the AI Act are identical. They are not. The real question is whether it is still relevant to maintain two separate governance frameworks to oversee the same data, the same risks, the same vendors, and, increasingly, the same teams.\u003C/p>\n\u003Cp>The numbers suggest that the most advanced organizations have already made their decision.\u003C/p>\n\u003Chr />\n\u003Cp>\u003Cstrong>Separating tools fragments accountability. Unifying them creates control.\u003C/strong>\u003Cbr />\nDastra centralizes your Privacy and AI governance on a single platform. \u003Ca href=\"https://www.dastra.eu/en/contacts/demo\">Discover it here.\u003C/a>\u003C/p>\n","One Governance Framework for AI Act & GDPR: The Business Case","The figures from IAPP, Cisco, IBM, and McKinsey show that the convergence between AI Governance, Privacy, and Data Governance is already underway.",1282,7,"One Governance Framework for AI Act & GDPR: The Business Case in Numbers",0,null,"en","one-governance-framework-ai-act-gdpr-business-case-numbers","Published",{"id":18,"displayName":19,"avatarUrl":20,"bio":13,"blogUrl":13,"color":13,"userId":18,"creationDate":21},38,"Paul-Emmanuel Bidault","https://static.dastra.eu/tenant-27/avatar/38/paul-emmanuel-bidault-150.jpg","2019-12-03T19:09:28","2026-06-22T08:20:00","2026-06-30T08:20:42.6133344","2026-06-30T08:41:46.3040736",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":31},2,"Blog","A list of curated articles provided by the community","blog","#28449a",[32,35,38],{"lang":33,"name":27,"description":34},"fr","Une liste d'articles rédigés par la communauté",{"lang":36,"name":27,"description":37},"es","Una lista de artículos escritos por la comunidad",{"lang":39,"name":27,"description":40},"de","Eine Liste von Artikeln, die von der Community verfasst wurden",[42,47],{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":43},[44,45,46],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},{"id":48,"name":49,"description":50,"url":51,"color":52,"parentId":26,"count":13,"imageUrl":13,"parent":53,"order":58,"translations":59},221,"AI Governance","Best practices, regulatory frameworks and real-world insights to manage AI responsibly and in compliance with the AI Act.","ai-governance","#000000",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":54},[55,56,57],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},3,[60,63],{"lang":33,"name":61,"description":62},"Gouvernance de l'IA","Bonnes pratiques, cadres réglementaires et retours d'expérience pour piloter l'IA de façon responsable et conforme à l'AI Act.",{"lang":39,"name":64,"description":65},"KI-Governance","Best Practices, regulatorische Rahmenbedingungen und Praxiserfahrungen für einen verantwortungsvollen KI-Einsatz im Einklang mit dem AI Act.",[],"https://static.dastra.eu/content/bc791419-e803-4e24-bf8d-5bc985bfde22/visuel-article-31-original.png",[69,70,71,72,73,74,75],"https://static.dastra.eu/content/bc791419-e803-4e24-bf8d-5bc985bfde22/visuel-article-31-1000.webp","https://static.dastra.eu/content/bc791419-e803-4e24-bf8d-5bc985bfde22/visuel-article-31.webp","https://static.dastra.eu/content/bc791419-e803-4e24-bf8d-5bc985bfde22/visuel-article-31-1500.webp","https://static.dastra.eu/content/bc791419-e803-4e24-bf8d-5bc985bfde22/visuel-article-31-800.webp","https://static.dastra.eu/content/bc791419-e803-4e24-bf8d-5bc985bfde22/visuel-article-31-600.webp","https://static.dastra.eu/content/bc791419-e803-4e24-bf8d-5bc985bfde22/visuel-article-31-300.webp","https://static.dastra.eu/content/bc791419-e803-4e24-bf8d-5bc985bfde22/visuel-article-31-100.webp",60134,{"total":78,"items":79,"parent":227},8,[80,101,120,142,164,185,194,210],{"id":81,"name":82,"description":83,"url":84,"color":85,"parentId":26,"count":13,"imageUrl":13,"parent":86,"order":78,"translations":91},20,"Inside Dastra","Go behind the scenes at Dastra: company news, culture, events, team highlights, and the people driving our GDPR solution.","dastra-life","#e3cf68",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":87},[88,89,90],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},[92,95,98],{"lang":33,"name":93,"description":94},"Vie de Dastra","Plongez dans les coulisses de Dastra : actualités internes, culture d’entreprise, événements, équipes et engagements. Découvrez qui se cache derrière notre solution RGPD.",{"lang":39,"name":96,"description":97},"Innerhalb von Dastra","Eintauchen in das Unternehmen",{"lang":36,"name":99,"description":100},"Dentro de Dastra","Sumérjase en la empresa",{"id":102,"name":103,"description":104,"url":105,"color":52,"parentId":26,"count":13,"imageUrl":13,"parent":106,"order":10,"translations":111},69,"Expertise","Gain insights from our experts on GDPR compliance, data protection, and privacy challenges. In-depth articles, professional analysis, and real-world best practices.","indepth",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":107},[108,109,110],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},[112,114,117],{"lang":33,"name":103,"description":113},"Bénéficiez des conseils de nos experts sur la conformité RGPD, la protection des données et les enjeux privacy. Articles de fond, analyses et retours d’expérience métier.",{"lang":39,"name":115,"description":116},"Fachwissen","Entdecken Sie die Artikel unserer DSGVO-Experten",{"lang":36,"name":118,"description":119},"Experiencia","Descubre los artículos de nuestros expertos en Privacy",{"id":121,"name":122,"description":123,"url":124,"color":125,"parentId":26,"count":13,"imageUrl":13,"parent":126,"order":131,"translations":132},4,"Use cases","Discover how companies use Dastra to manage their GDPR compliance. Testimonials, use cases, and real-world integrations of our privacy management solution.","case-studies","#b61b9c",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":127},[128,129,130],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},6,[133,136,139],{"lang":33,"name":134,"description":135},"Retours d'expérience","Découvrez comment les entreprises utilisent Dastra pour piloter leur conformité RGPD. Témoignages, cas d’usage et intégrations concrètes de notre solution de privacy management.",{"lang":39,"name":137,"description":138},"Case Studies","Entdecken Sie die Erfahrungsberichte unserer Kunden",{"lang":36,"name":140,"description":141},"Casos prácticos","Descubra los testimonios de nuestros clientes",{"id":143,"name":144,"description":145,"url":146,"color":147,"parentId":26,"count":13,"imageUrl":13,"parent":148,"order":153,"translations":154},10,"Release notes","Keep up with the latest features of Dastra: product updates, new functionalities, and improvements to our GDPR compliance and data management platform.","release","#8c316a",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":149},[150,151,152],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},5,[155,158,161],{"lang":33,"name":156,"description":157},"Notes de version","Restez informé(e) des dernières fonctionnalités de Dastra : mises à jour, évolutions produit et améliorations de notre solution de conformité RGPD et de gestion des données personnelles.",{"lang":39,"name":159,"description":160},"Veröffentlichungen","Alle Versionshinweise und Funktionen von Dastra",{"lang":36,"name":162,"description":163},"Lanzamientos","Todas las notas de la versión e información sobre las funciones de Dastra",{"id":165,"name":166,"description":167,"url":168,"color":169,"parentId":26,"count":13,"imageUrl":13,"parent":170,"order":121,"translations":175},9,"News","Stay up to date with the latest news from data protection authorities: decisions, fines, guidelines, and regulatory trends in GDPR and privacy.","news","#1676ca",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":171},[172,173,174],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},[176,179,182],{"lang":33,"name":177,"description":178},"Actualités","Suivez les dernières actualités des autorités de protection des données (CNIL, EDPS, etc.) : décisions, sanctions, lignes directrices et tendances réglementaires en matière de RGPD et de privacy.",{"lang":36,"name":180,"description":181},"Actualidad","Todos los artículos relativos a las autoridades de protección de datos",{"lang":39,"name":183,"description":184},"Nachrichten","Alle Artikel mit Bezug zu Datenschutzbehörden",{"id":48,"name":49,"description":50,"url":51,"color":52,"parentId":26,"count":13,"imageUrl":13,"parent":186,"order":58,"translations":191},{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":187},[188,189,190],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},[192,193],{"lang":33,"name":61,"description":62},{"lang":39,"name":64,"description":65},{"id":195,"name":196,"description":197,"url":198,"color":52,"parentId":26,"count":13,"imageUrl":13,"parent":199,"order":26,"translations":204},220,"Compliance","Regulatory news, practical guides and analysis to keep your organization compliant with the GDPR and beyond.","compliance",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":200},[201,202,203],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},[205,208],{"lang":33,"name":206,"description":207},"Conformité","Actualités réglementaires, guides pratiques et analyses pour maintenir votre organisation en conformité RGPD et au-delà.",{"lang":39,"name":196,"description":209},"Regulatorische Neuigkeiten, Praxisleitfäden und Analysen, um Ihre Organisation DSGVO-konform und darüber hinaus aufzustellen.",{"id":211,"name":212,"description":213,"url":214,"color":52,"parentId":26,"count":13,"imageUrl":13,"parent":215,"order":220,"translations":221},219,"Privacy","Principles, techniques and trends in personal data protection — from privacy by design to data subject rights.","privacy",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":216},[217,218,219],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},1,[222,224],{"lang":33,"name":212,"description":223},"Principes, techniques et tendances autour de la protection des données personnelles — de la privacy by design aux droits des personnes.",{"lang":39,"name":225,"description":226},"Datenschutz","Grundsätze, Methoden und Trends zum Schutz personenbezogener Daten — von Privacy by Design bis zu Betroffenenrechten.",{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":228},[229,230,231],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},{"items":233,"total":275,"size":220,"page":220},[234],{"title":235,"nbDownloads":78,"excerpt":13,"lang":14,"url":236,"intro":237,"featured":238,"state":16,"author":239,"authorId":240,"datePublication":244,"dateCreation":245,"dateUpdate":246,"mainCategory":247,"categories":253,"metaDatas":261,"imageUrl":265,"imageThumbUrls":266,"id":274},"Your Checklist to Multi-State Privacy Impact Assessments ","your-checklist-to-multi-state-privacy-impact-assessment-compliance","Master multi-state Privacy Impact Assessments by downloading this checklist.",false,{"id":240,"displayName":241,"avatarUrl":242,"bio":13,"blogUrl":13,"color":13,"userId":240,"creationDate":243},20352,"Leïla Sayssa","https://static.dastra.eu/tenant-3/avatar/20352/TDYeY3C8Rz1lLE/dpo-avatar-h01-150.png","2025-03-03T11:08:22","2026-02-23T10:07:00","2026-02-23T10:07:01.6114712","2026-02-24T15:38:38.0037058",{"id":248,"name":249,"description":13,"url":250,"color":251,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":58,"translations":252},70,"Livre blanc","white-papers","#1795d3",[],[254,259],{"id":26,"name":27,"description":28,"url":29,"color":30,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":12,"translations":255},[256,257,258],{"lang":33,"name":27,"description":34},{"lang":36,"name":27,"description":37},{"lang":39,"name":27,"description":40},{"id":248,"name":249,"description":13,"url":250,"color":251,"parentId":13,"count":13,"imageUrl":13,"parent":13,"order":58,"translations":260},[],[262],{"typeMetaDataId":121,"value":263,"id":264},"https://static.dastra.eu/backofficefilescontainer/6c9c6770-09f5-44d2-ac35-466a87c40426/US PIA Cross State Checklist Best Practices.pdf",117305,"https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-original.jpg",[267,268,269,270,271,272,273],"https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-1000.webp","https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18.webp","https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-1500.webp","https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-800.webp","https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-600.webp","https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-300.webp","https://static.dastra.eu/content/a321130b-375a-4a3f-b9d5-e9d9afea648e/visuel-article-18-100.webp",59886,12]