7:["$","$1","c",{"children":[null,["$","$L2",null,{"parallelRouterKey":"children","error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$L3",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","forbidden":"$undefined","unauthorized":"$undefined"}]]}] 8:["$","$1","c",{"children":["$Lb",null,["$","$Lc",null,{"children":["$Ld",["$","$Le",null,{"promise":"$@f"}]]}]]}] 9:["$","$1","h",{"children":[null,[["$","$L10",null,{"children":"$L11"}],null],["$","$L12",null,{"children":["$","div",null,{"hidden":true,"children":["$","$13",null,{"fallback":null,"children":"$L14"}]}]}]]}] b:[["$","nav",null,{"className":"fixed top-0 left-0 right-0 z-50 bg-white/70 backdrop-blur-xl border-b border-gray-200/50","children":["$","div",null,{"className":"max-w-7xl mx-auto px-6 py-5","children":["$","div",null,{"className":"flex items-center justify-between","children":[["$","$L4",null,{"href":"/","className":"text-2xl font-bold text-gray-900 hover:text-gray-700 transition","children":"MicroBlog IT"}],["$","div",null,{"className":"hidden md:flex items-center gap-8","children":[["$","$L4",null,{"href":"/","className":"text-sm font-medium text-gray-900 hover:text-blue-600 transition-colors","children":"Articles"}],["$","$L4",null,{"href":"/#categories","className":"text-sm font-medium text-gray-600 hover:text-blue-600 transition-colors","children":"Catégories"}],["$","span",null,{"className":"text-xs text-gray-500 px-3 py-1.5 bg-white/80 backdrop-blur rounded-full border border-gray-200/50","children":[139," articles"]}]]}]]}]}]}],["$","div",null,{"className":"min-h-screen pt-24","children":["$","article",null,{"className":"article-content","children":[["$","header",null,{"className":"mb-8 pb-6 border-b border-gray-200","children":[["$","nav",null,{"className":"flex items-center text-sm text-gray-600 
mb-4","children":[["$","$L4",null,{"href":"/","className":"hover:text-blue-600","children":"Accueil"}],["$","span",null,{"className":"mx-2","children":"/"}],[["$","span","legal",{"className":"flex items-center","children":[["$","$L4",null,{"href":"/categories/legal","className":"hover:text-blue-600 capitalize","children":"legal"}],["$","span",null,{"className":"mx-2","children":","}]]}],["$","span","saas",{"className":"flex items-center","children":[["$","$L4",null,{"href":"/categories/saas","className":"hover:text-blue-600 capitalize","children":"saas"}],false]}]]]}],["$","h1",null,{"children":"RGPD : ce que votre PME doit vraiment faire (sans paniquer)"}],["$","div",null,{"className":"text-gray-600 text-sm mt-2","children":["Mise à jour : ","2025-12-11"]}],["$","div",null,{"className":"flex flex-wrap gap-2 mt-4","children":[["$","$L4","legal",{"href":"/categories/legal","className":"text-xs px-3 py-1 bg-purple-100 text-purple-700 rounded-full hover:bg-purple-200 capitalize","children":"legal"}],["$","$L4","saas",{"href":"/categories/saas","className":"text-xs px-3 py-1 bg-purple-100 text-purple-700 rounded-full hover:bg-purple-200 capitalize","children":"saas"}]]}]]}],["$","div",null,{"className":"prose prose-lg max-w-none","children":[["$","p","p-0",{"children":"Mai 2018. Le RGPD entre en vigueur. Panique généralisée dans les PME. \"On risque des amendes colossales !\" \"Il faut un DPO !\" \"On doit tout revoir !\" Les cabinets d'avocats frottent leurs mains, les consultants RGPD explosent leurs tarifs, les articles anxiogènes se multiplient."}],"\n",["$","p","p-1",{"children":"Sept ans plus tard, où en est-on ? La majorité des PME sont... dans un flou artistique. Ni vraiment conformes, ni vraiment inquiètes. 
Elles ont fait \"quelques trucs\" (un bandeau cookies, une politique de confidentialité copiée-collée), sans vraiment comprendre ce qu'elles devaient faire."}],"\n",["$","p","p-2",{"children":"Résultat : beaucoup de stress inutile, peu d'actions concrètes, et une conformité en mode \"on croise les doigts\"."}],"\n",["$","p","p-3",{"children":"Alors, concrètement, qu'est-ce qu'une PME doit VRAIMENT faire pour être conforme au RGPD ? Sans devenir paranoïaque, sans exploser son budget, sans passer 6 mois sur le sujet ?"}],"\n",["$","p","p-4",{"children":"Voici le guide pratique. Pas du juridique pompeux. De l'actionnable concret."}],"\n",["$","h2","h2-0",{"children":"Le RGPD, c'est quoi en vrai ?"}],"\n",["$","p","p-5",{"children":"Avant de paniquer, comprenons ce que le RGPD demande vraiment."}],"\n",["$","h3","h3-0",{"children":"Les principes de base (en français normal)"}],"\n",["$","p","p-6",{"children":"Le RGPD, c'est un règlement européen qui encadre comment les entreprises collectent, stockent, et utilisent les données personnelles des 
gens."}],"\n","$L15","\n","$L16","\n","$L17","\n","$L18","\n","$L19","\n","$L1a","\n","$L1b","\n","$L1c","\n","$L1d","\n","$L1e","\n","$L1f","\n","$L20","\n","$L21","\n","$L22","\n","$L23","\n","$L24","\n","$L25","\n","$L26","\n","$L27","\n","$L28","\n","$L29","\n","$L2a","\n","$L2b","\n","$L2c","\n","$L2d","\n","$L2e","\n","$L2f","\n","$L30","\n","$L31","\n","$L32","\n","$L33","\n","$L34","\n","$L35","\n","$L36","\n","$L37","\n","$L38","\n","$L39","\n","$L3a","\n","$L3b","\n","$L3c","\n","$L3d","\n","$L3e","\n","$L3f","\n","$L40","\n","$L41","\n","$L42","\n","$L43","\n","$L44","\n","$L45","\n","$L46","\n","$L47","\n","$L48","\n","$L49","\n","$L4a","\n","$L4b","\n","$L4c","\n","$L4d","\n","$L4e","\n","$L4f","\n","$L50","\n","$L51","\n","$L52","\n","$L53","\n","$L54","\n","$L55","\n","$L56","\n","$L57","\n","$L58","\n","$L59","\n","$L5a","\n","$L5b","\n","$L5c","\n","$L5d","\n","$L5e","\n","$L5f","\n","$L60","\n","$L61","\n","$L62","\n","$L63","\n","$L64","\n","$L65","\n","$L66","\n","$L67","\n","$L68","\n","$L69","\n","$L6a","\n","$L6b","\n","$L6c","\n","$L6d","\n","$L6e","\n","$L6f","\n","$L70","\n","$L71","\n","$L72","\n","$L73","\n","$L74","\n","$L75","\n","$L76","\n","$L77","\n","$L78","\n","$L79","\n","$L7a","\n","$L7b","\n","$L7c","\n","$L7d","\n","$L7e","\n","$L7f","\n","$L80","\n","$L81","\n","$L82","\n","$L83","\n","$L84","\n","$L85","\n","$L86","\n","$L87","\n","$L88","\n","$L89","\n","$L8a","\n","$L8b","\n","$L8c","\n","$L8d","\n","$L8e","\n","$L8f","\n","$L90","\n","$L91"]}]]}]}],"$L92"] 15:["$","p","p-7",{"children":[["$","strong","strong-0",{"children":"Une donnée personnelle"}],", c'est toute information qui permet d'identifier quelqu'un : nom, email, adresse IP, numéro de téléphone, etc."]}] 16:["$","p","p-8",{"children":"Le RGPD pose des règles simples :"}] 17:["$","ol","ol-0",{"children":["\n",["$","li","li-0",{"children":[["$","strong","strong-0",{"children":"Transparence"}]," : dites aux gens ce que vous faites de leurs 
données"]}],"\n",["$","li","li-1",{"children":[["$","strong","strong-0",{"children":"Finalité"}]," : collectez uniquement ce dont vous avez vraiment besoin"]}],"\n",["$","li","li-2",{"children":[["$","strong","strong-0",{"children":"Durée limitée"}]," : ne gardez pas les données éternellement"]}],"\n",["$","li","li-3",{"children":[["$","strong","strong-0",{"children":"Sécurité"}]," : protégez les données contre les fuites et hacks"]}],"\n",["$","li","li-4",{"children":[["$","strong","strong-0",{"children":"Droits des personnes"}]," : permettez aux gens d'accéder, corriger, supprimer leurs données"]}],"\n"]}] 18:["$","p","p-9",{"children":"Ce n'est pas sorcier. C'est du bon sens : respectez les données des gens."}] 19:["$","h3","h3-1",{"children":"Les amendes (qui font flipper tout le monde)"}] 1a:["$","p","p-10",{"children":"Le RGPD prévoit des amendes jusqu'à 4% du chiffre d'affaires mondial ou 20 millions d'euros (le montant le plus élevé)."}] 1b:["$","p","p-11",{"children":"Cette phrase fait paniquer les PME. \"On va se faire ruiner !\""}] 1c:["$","p","p-12",{"children":"La réalité ? Ces amendes max visent les Google, Facebook, Amazon. Les géants qui abusent massivement et volontairement."}] 1d:["$","p","p-13",{"children":["Pour une PME qui fait des efforts de bonne foi ? La ",["$","a","a-0",{"href":"https://www.cnil.fr/","target":"_blank","rel":"noopener","children":"CNIL"}]," (l'autorité française) privilégie la pédagogie. Elle donne des mises en demeure, demande des corrections. Les amendes arrivent si vous ignorez les avertissements et que vous êtes clairement de mauvaise foi."]}] 1e:["$","p","p-14",{"children":"Bref : oui, le RGPD a des dents. Non, la CNIL ne va pas débarquer pour ruiner votre PME si vous faites des efforts raisonnables."}] 1f:["$","h2","h2-1",{"children":"Les 7 actions concrètes que toute PME doit faire"}] 20:["$","p","p-15",{"children":"Oubliez les audits à plusieurs dizaines de milliers d'euros. 
Voici ce que TOUTE PME doit mettre en place. C'est faisable en quelques jours."}] 21:["$","h3","h3-2",{"children":"Action #1 : Cartographier vos traitements de données"}] 22:["$","p","p-16",{"children":"Vous devez savoir quelles données vous collectez, pourquoi, où elles sont stockées, combien de temps vous les gardez."}] 23:["$","p","p-17",{"children":[["$","strong","strong-0",{"children":"Concrètement"}]," : faites un tableau simple avec :"]}] 24:["$","ul","ul-0",{"children":["\n",["$","li","li-0",{"children":"Quel traitement ? (ex : gestion des clients, newsletter, recrutement)"}],"\n",["$","li","li-1",{"children":"Quelles données ? (nom, email, téléphone, adresse...)"}],"\n",["$","li","li-2",{"children":"Quelle finalité ? (pourquoi vous collectez ça)"}],"\n",["$","li","li-3",{"children":"Où c'est stocké ? (Salesforce, Mailchimp, Google Drive...)"}],"\n",["$","li","li-4",{"children":"Combien de temps gardé ? (3 ans, durée du contrat...)"}],"\n",["$","li","li-5",{"children":"Qui y a accès ? (équipe commerciale, service RH...)"}],"\n"]}] 25:["$","p","p-18",{"children":"Vous n'avez pas besoin d'un consultant à plusieurs milliers d'euros par jour pour ça. Un Google Sheet suffit. Ça vous prend 2-3 heures."}] 26:["$","p","p-19",{"children":[["$","strong","strong-0",{"children":"Ressource gratuite"}]," : la CNIL propose un modèle de registre RGPD téléchargeable gratuitement."]}] 27:["$","h3","h3-3",{"children":"Action #2 : Rédiger une politique de confidentialité claire"}] 28:["$","p","p-20",{"children":"Vous devez expliquer aux gens ce que vous faites de leurs données. 
C'est obligatoire."}] 29:["$","p","p-21",{"children":[["$","strong","strong-0",{"children":"Concrètement"}]," : créez une page \"Politique de confidentialité\" (ou \"Vie privée\") sur votre site qui explique :"]}] 2a:["$","ul","ul-1",{"children":["\n",["$","li","li-0",{"children":"Quelles données vous collectez"}],"\n",["$","li","li-1",{"children":"Pourquoi (quelle finalité)"}],"\n",["$","li","li-2",{"children":"Combien de temps vous les gardez"}],"\n",["$","li","li-3",{"children":"Qui y a accès (vous, vos sous-traitants)"}],"\n",["$","li","li-4",{"children":"Quels sont les droits des personnes (accès, rectification, suppression...)"}],"\n",["$","li","li-5",{"children":"Comment exercer ces droits (email de contact)"}],"\n"]}] 2b:["$","p","p-22",{"children":[["$","strong","strong-0",{"children":"Piège à éviter"}]," : ne copiez-collez pas une politique générique trouvée sur internet. Adaptez-la à VOTRE activité réelle. La CNIL détecte les copier-coller."]}] 2c:["$","p","p-23",{"children":[["$","strong","strong-0",{"children":"Bon plan"}]," : la CNIL propose des modèles gratuits adaptés à différents secteurs."]}] 2d:["$","h3","h3-4",{"children":"Action #3 : Mettre en place un bandeau cookies conforme"}] 2e:["$","p","p-24",{"children":"Votre site utilise probablement des cookies (Google Analytics, pixel Facebook, etc.). Vous devez demander le consentement AVANT de les déposer."}] 2f:["$","p","p-25",{"children":[["$","strong","strong-0",{"children":"Concrètement"}]," : installez un outil de gestion de consentement (Cookie Consent Manager). 
Il y en a des gratuits et des payants."]}] 30:["$","p","p-26",{"children":[["$","strong","strong-0",{"children":"Les règles"}]," :"]}] 31:["$","ul","ul-2",{"children":["\n",["$","li","li-0",{"children":"Le bandeau apparaît AVANT que les cookies soient déposés"}],"\n",["$","li","li-1",{"children":"Le refus doit être aussi facile que l'acceptation (pas de dark patterns)"}],"\n",["$","li","li-2",{"children":"Vous ne pouvez pas bloquer l'accès au site si la personne refuse"}],"\n"]}] 32:["$","p","p-27",{"children":[["$","strong","strong-0",{"children":"Outils gratuits"}]," : Tarteaucitron.js (open-source), ou des solutions comme Axeptio, Didomi (version gratuite limitée)."]}] 33:["$","h3","h3-5",{"children":"Action #4 : Sécuriser vos données"}] 34:["$","p","p-28",{"children":"Vous devez protéger les données contre les fuites, hacks, pertes."}] 35:["$","p","p-29",{"children":[["$","strong","strong-0",{"children":"Concrètement"}]," :"]}] 36:["$","ul","ul-3",{"children":["\n",["$","li","li-0",{"children":[["$","strong","strong-0",{"children":"Mots de passe"}]," : imposez des mots de passe forts, utilisez un gestionnaire (1Password, Bitwarden)"]}],"\n",["$","li","li-1",{"children":[["$","strong","strong-0",{"children":"Double authentification"}]," : activez-la partout où c'est possible (Gmail, Salesforce, etc.)"]}],"\n",["$","li","li-2",{"children":[["$","strong","strong-0",{"children":"Chiffrement"}]," : pour les données sensibles (santé, finances), utilisez du chiffrement"]}],"\n",["$","li","li-3",{"children":[["$","strong","strong-0",{"children":"Accès limité"}]," : tout le monde n'a pas besoin d'accéder à tout. Limitez les accès au strict nécessaire"]}],"\n",["$","li","li-4",{"children":[["$","strong","strong-0",{"children":"Sauvegarde"}]," : sauvegardez régulièrement vos données (si votre disque dur lâche, vous êtes conforme au RGPD... mais vous avez tout perdu)"]}],"\n"]}] 37:["$","p","p-30",{"children":"Rien de révolutionnaire. 
C'est de l'hygiène de base."}] 38:["$","h3","h3-6",{"children":"Action #5 : Permettre l'exercice des droits"}] 39:["$","p","p-31",{"children":"Les gens ont le droit de demander l'accès, la rectification, la suppression de leurs données. Vous devez pouvoir répondre."}] 3a:["$","p","p-32",{"children":[["$","strong","strong-0",{"children":"Concrètement"}]," :"]}] 3b:["$","ul","ul-4",{"children":["\n",["$","li","li-0",{"children":["Indiquez un email de contact dans votre politique de confidentialité (ex : ",["$","a","a-0",{"href":"mailto:privacy@votreentreprise.fr","children":"privacy@votreentreprise.fr"}],")"]}],"\n",["$","li","li-1",{"children":["Quand quelqu'un vous écrit, vous avez ",["$","strong","strong-0",{"children":"1 mois"}]," pour répondre"]}],"\n",["$","li","li-2",{"children":"Pour une demande d'accès : envoyez-lui les données que vous avez sur lui"}],"\n",["$","li","li-3",{"children":"Pour une demande de suppression : supprimez (sauf si vous avez une obligation légale de garder, genre factures pendant 10 ans)"}],"\n"]}] 3c:["$","p","p-33",{"children":[["$","strong","strong-0",{"children":"Astuce"}]," : documentez vos réponses. Si un jour la CNIL vous contrôle, vous pourrez prouver que vous traitez les demandes."]}] 3d:["$","h3","h3-7",{"children":"Action #6 : Encadrer vos sous-traitants"}] 3e:["$","p","p-34",{"children":"Vous utilisez des outils SaaS (Salesforce, Mailchimp, Google Workspace, Stripe...). Ces outils traitent des données pour vous. Vous restez responsable."}] 3f:["$","p","p-35",{"children":[["$","strong","strong-0",{"children":"Concrètement"}]," :"]}] 40:["$","ul","ul-5",{"children":["\n",["$","li","li-0",{"children":"Vérifiez que vos outils sont conformes RGPD (la plupart des gros SaaS le sont)"}],"\n",["$","li","li-1",{"children":"Signez des Data Processing Agreements (DPA) avec eux. 
Les gros SaaS ont des DPAs pré-rédigés, il suffit de les activer dans les paramètres"}],"\n",["$","li","li-2",{"children":"Documentez la liste de vos sous-traitants dans votre registre"}],"\n"]}] 41:["$","p","p-36",{"children":[["$","strong","strong-0",{"children":"Attention aux US"}]," : les outils américains posent des questions (loi américaine vs RGPD). Privilégiez des serveurs EU si possible, ou des outils avec Privacy Shield / clauses contractuelles types. À noter : le Privacy Shield a été invalidé par la CJUE en juillet 2020 (arrêt Schrems II) ; son successeur est le Data Privacy Framework UE–États-Unis (décision d'adéquation de juillet 2023). Vérifiez donc que le fournisseur est certifié au titre de ce cadre ou qu'il s'appuie sur des clauses contractuelles types."]}] 42:["$","h3","h3-8",{"children":"Action #7 : Former vos équipes (5 minutes suffisent)"}] 43:["$","p","p-37",{"children":"Le RGPD, ce n'est pas que le job du boss ou du CTO. C'est toute l'équipe."}] 44:["$","p","p-38",{"children":[["$","strong","strong-0",{"children":"Concrètement"}]," :"]}] 45:["$","ul","ul-6",{"children":["\n",["$","li","li-0",{"children":"Expliquez à votre équipe les bases : ne pas laisser traîner des fichiers clients, ne pas partager des données n'importe comment, faire attention aux emails"}],"\n",["$","li","li-1",{"children":"Sensibilisez sur le phishing (beaucoup de fuites de données viennent de là)"}],"\n",["$","li","li-2",{"children":"Rappelez les bonnes pratiques tous les 6 mois"}],"\n"]}] 46:["$","p","p-39",{"children":"Vous n'avez pas besoin d'une formation de 3 jours. Un email récap + 15 minutes de réunion suffisent."}] 47:["$","h2","h2-2",{"children":"Ce que vous N'AVEZ PAS besoin de faire (si vous êtes une petite PME)"}] 48:["$","p","p-40",{"children":"Le RGPD a créé une industrie de la peur. Beaucoup de cabinets et consultants vous font croire qu'il faut tout un tas de trucs compliqués. 
Souvent, c'est faux."}] 49:["$","h3","h3-9",{"children":"Vous n'avez PAS besoin d'un DPO (sauf cas particuliers)"}] 4a:["$","p","p-41",{"children":"Le DPO (Délégué à la Protection des Données) est obligatoire uniquement si :"}] 4b:["$","ul","ul-7",{"children":["\n",["$","li","li-0",{"children":"Vous êtes une autorité publique"}],"\n",["$","li","li-1",{"children":"Votre activité principale implique un suivi régulier et systématique de personnes à grande échelle"}],"\n",["$","li","li-2",{"children":"Votre activité principale porte sur des données sensibles à grande échelle (santé, religion, biométrie...)"}],"\n"]}] 4c:["$","p","p-42",{"children":[["$","strong","strong-0",{"children":"Traduction"}]," : une PME classique (commerce, services, SaaS BtoB) n'a PAS besoin de DPO."]}] 4d:["$","p","p-43",{"children":"Si un consultant vous dit \"il vous faut absolument un DPO\" alors que vous êtes une PME de 15 personnes qui vend des logiciels... il vous arnaque."}] 4e:["$","h3","h3-10",{"children":"Vous n'avez PAS besoin d'une Analyse d'Impact (PIA) pour tout"}] 4f:["$","p","p-44",{"children":"Les PIA (Privacy Impact Assessment) sont obligatoires uniquement pour les traitements à haut risque (vidéosurveillance massive, profilage automatisé à grande échelle, traitement de données de santé...)."}] 50:["$","p","p-45",{"children":[["$","strong","strong-0",{"children":"Traduction"}]," : gérer une liste de clients avec nom/email/téléphone ? Pas de PIA nécessaire."]}] 51:["$","p","p-46",{"children":"Faire du ciblage publicitaire hyper-précis avec des données comportementales sensibles ? Oui, PIA nécessaire."}] 52:["$","h3","h3-11",{"children":"Vous n'avez PAS besoin de certifications coûteuses"}] 53:["$","p","p-47",{"children":"Certains organismes vendent des \"certifications RGPD\". Spoiler : elles ne sont pas obligatoires."}] 54:["$","p","p-48",{"children":"Le RGPD n'impose aucune certification. Vous pouvez être conforme sans label. 
Les certifications peuvent rassurer vos clients (surtout en BtoB), mais elles ne sont pas requises."}] 55:["$","h2","h2-3",{"children":"Les erreurs classiques des PME"}] 56:["$","p","p-49",{"children":"Même avec de bonnes intentions, beaucoup de PME font des erreurs. Voici les plus courantes."}] 57:["$","h3","h3-12",{"children":"Erreur #1 : Copier-coller une politique de confidentialité générique"}] 58:["$","p","p-50",{"children":"Vous téléchargez un modèle, vous changez le nom de l'entreprise, vous publiez. Problème : ça ne correspond pas à votre activité réelle."}] 59:["$","p","p-51",{"children":"La CNIL regarde ça. Si votre politique dit que vous ne collectez que des emails, mais que dans vos CGV vous demandez adresse et téléphone, incohérence. Red flag."}] 5a:["$","p","p-52",{"children":[["$","strong","strong-0",{"children":"Solution"}]," : adaptez votre politique à ce que vous faites VRAIMENT."]}] 5b:["$","h3","h3-13",{"children":"Erreur #2 : Oublier les données RH"}] 5c:["$","p","p-53",{"children":"Les PME pensent \"RGPD = données clients\". Elles oublient les données RH : CVs des candidats, dossiers employés, fiches de paie..."}] 5d:["$","p","p-54",{"children":"Ces données sont couvertes par le RGPD aussi. Il faut les protéger, limiter les accès, définir des durées de conservation."}] 5e:["$","p","p-55",{"children":[["$","strong","strong-0",{"children":"Solution"}]," : incluez les RH dans votre registre et vos process."]}] 5f:["$","h3","h3-14",{"children":"Erreur #3 : Garder les données éternellement \"au cas où\""}] 60:["$","p","p-56",{"children":"\"On ne sait jamais, on pourrait en avoir besoin.\" Non. Le RGPD impose de définir des durées de conservation et de s'y tenir."}] 61:["$","p","p-57",{"children":"Un client inactif depuis 5 ans ? Supprimez. Un candidat non retenu depuis 3 ans ? Supprimez. Un ancien employé parti depuis 10 ans ? 
Supprimez (sauf obligations légales type fiches de paie)."}] 62:["$","p","p-58",{"children":[["$","strong","strong-0",{"children":"Solution"}]," : définissez des durées dans votre registre et mettez des rappels pour purger régulièrement."]}] 63:["$","h3","h3-15",{"children":"Erreur #4 : Bannir Google Analytics \"par principe\""}] 64:["$","p","p-59",{"children":"Beaucoup de PME ont viré Google Analytics après la décision de la CNIL. Parfois à raison, parfois par panique."}] 65:["$","p","p-60",{"children":"La nuance : Google Analytics 4 (GA4) avec des serveurs EU et anonymisation IP peut être acceptable. Ou bien, basculez sur des alternatives européennes (Matomo, Plausible)."}] 66:["$","p","p-61",{"children":[["$","strong","strong-0",{"children":"Solution"}]," : si vous utilisez GA, configurez-le correctement (serveurs EU, anonymisation). Ou passez sur une alternative conforme."]}] 67:["$","h3","h3-16",{"children":"Erreur #5 : Ne rien faire en attendant qu'on vous contrôle"}] 68:["$","p","p-62",{"children":"\"Personne ne contrôle les PME, on verra plus tard.\" C'est un pari risqué."}] 69:["$","p","p-63",{"children":"La CNIL contrôle aussi les PME. Pas toutes, mais elle en contrôle. Et elle reçoit des plaintes (client mécontent, employé viré qui se venge...)."}] 6a:["$","p","p-64",{"children":"Si vous êtes contrôlé ET que vous n'avez rien fait, l'amende est plus probable."}] 6b:["$","p","p-65",{"children":[["$","strong","strong-0",{"children":"Solution"}]," : faites le minimum. C'est pas si long. Ça vous protège."]}] 6c:["$","h2","h2-4",{"children":"Comment prioriser si vous partez de zéro"}] 6d:["$","p","p-66",{"children":"Vous lisez cet article et vous vous dites \"on n'a rien fait, par où commencer ?\""}] 6e:["$","h3","h3-17",{"children":"Semaine 1 : Le registre (2-3h)"}] 6f:["$","p","p-67",{"children":"Listez vos traitements de données dans un tableau. C'est la base. 
Sans ça, vous ne savez même pas où vous en êtes."}] 70:["$","h3","h3-18",{"children":"Semaine 2 : La politique de confidentialité (3-4h)"}] 71:["$","p","p-68",{"children":"Rédigez ou adaptez votre politique. Publiez-la sur votre site. Liez-la dans vos formulaires."}] 72:["$","h3","h3-19",{"children":"Semaine 3 : Les cookies (2h)"}] 73:["$","p","p-69",{"children":"Installez un bandeau cookies conforme. Configurez-le correctement."}] 74:["$","h3","h3-20",{"children":"Semaine 4 : La sécurité (1-2h)"}] 75:["$","p","p-70",{"children":"Vérifiez vos mots de passe, activez la double authentification sur vos outils critiques, limitez les accès."}] 76:["$","h3","h3-21",{"children":"Semaine 5 : Les sous-traitants (1-2h)"}] 77:["$","p","p-71",{"children":"Listez vos outils SaaS, vérifiez leurs DPA, signez-les."}] 78:["$","h3","h3-22",{"children":"Semaine 6 : Les droits (30min)"}] 79:["$","p","p-72",{"children":"Créez un email de contact privacy, documentez le process pour répondre aux demandes."}] 7a:["$","p","p-73",{"children":[["$","strong","strong-0",{"children":"Total"}]," : 10-15 heures de travail étalées sur 6 semaines. C'est gérable. Vous n'avez pas besoin d'un consultant à plusieurs dizaines de milliers d'euros."]}] 7b:["$","h2","h2-5",{"children":"Quand faire appel à un consultant RGPD ?"}] 7c:["$","p","p-74",{"children":"Parfois, un consultant fait sens. 
Mais pas toujours."}] 7d:["$","h3","h3-23",{"children":"Vous DEVRIEZ faire appel à un consultant si :"}] 7e:["$","ul","ul-8",{"children":["\n",["$","li","li-0",{"children":"Vous traitez des données sensibles (santé, religion, biométrie)"}],"\n",["$","li","li-1",{"children":"Vous avez des millions d'utilisateurs et des traitements complexes"}],"\n",["$","li","li-2",{"children":"Vous êtes dans un secteur régulé (banque, assurance, santé)"}],"\n",["$","li","li-3",{"children":"Vous avez subi une plainte ou un contrôle CNIL"}],"\n"]}] 7f:["$","p","p-75",{"children":"Dans ces cas, oui, investissez dans de l'expertise."}] 80:["$","h3","h3-24",{"children":"Vous N'AVEZ PAS besoin de consultant si :"}] 81:["$","ul","ul-9",{"children":["\n",["$","li","li-0",{"children":"Vous êtes une PME classique avec des traitements simples"}],"\n",["$","li","li-1",{"children":"Vous avez du temps pour lire et appliquer les ressources gratuites de la CNIL"}],"\n",["$","li","li-2",{"children":"Vous êtes prêt à passer 10-20 heures sur le sujet"}],"\n"]}] 82:["$","p","p-76",{"children":"La CNIL offre des ressources incroyables gratuitement : guides, modèles, webinaires. Utilisez-les."}] 83:["$","h2","h2-6",{"children":"Les ressources gratuites indispensables"}] 84:["$","h3","h3-25",{"children":"Le site de la CNIL"}] 85:["$","p","p-77",{"children":[["$","a","a-0",{"href":"https://www.cnil.fr/","target":"_blank","rel":"noopener","children":"cnil.fr"}]," est votre meilleure ressource. 
Sérieusement."]}] 86:["$","ul","ul-10",{"children":["\n",["$","li","li-0",{"children":[["$","strong","strong-0",{"children":"Modèle de registre"}]," : téléchargeable gratuitement"]}],"\n",["$","li","li-1",{"children":[["$","strong","strong-0",{"children":"Guides sectoriels"}]," : par métier (commerce, santé, RH...)"]}],"\n",["$","li","li-2",{"children":[["$","strong","strong-0",{"children":"MOOC RGPD"}]," : formation en ligne gratuite (3h)"]}],"\n",["$","li","li-3",{"children":[["$","strong","strong-0",{"children":"Questions/réponses"}]," : base de connaissance énorme"]}],"\n"]}] 87:["$","h3","h3-26",{"children":"Les générateurs de politique de confidentialité"}] 88:["$","ul","ul-11",{"children":["\n",["$","li","li-0",{"children":[["$","strong","strong-0",{"children":"Privacy Policy Generator"}]," (gratuit pour usage simple)"]}],"\n",["$","li","li-1",{"children":[["$","strong","strong-0",{"children":"Modèles CNIL"}]," (toujours gratuits)"]}],"\n"]}] 89:["$","h3","h3-27",{"children":"Les outils de gestion de cookies"}] 8a:["$","ul","ul-12",{"children":["\n",["$","li","li-0",{"children":[["$","strong","strong-0",{"children":"Tarteaucitron.js"}]," (open-source, gratuit)"]}],"\n",["$","li","li-1",{"children":[["$","strong","strong-0",{"children":"Axeptio"}]," (version gratuite limitée)"]}],"\n"]}] 8b:["$","h2","h2-7",{"children":"Le verdict : c'est chiant, mais c'est faisable"}] 8c:["$","p","p-78",{"children":"Le RGPD fait peur. L'industrie de la conformité amplifie cette peur pour vendre. Mais la réalité, c'est que pour une PME, la conformité RGPD tient en quelques actions concrètes."}] 8d:["$","p","p-79",{"children":"Oui, c'est du temps. Oui, c'est parfois technique. Oui, c'est chiant. Mais non, ce n'est pas la fin du monde."}] 8e:["$","p","p-80",{"children":"Et surtout : au-delà de l'obligation légale, respecter les données de vos clients et employés, c'est juste éthique. 
Le RGPD formalise ce qui devrait être du bon sens : ne collectez que ce dont vous avez besoin, protégez-le, soyez transparent."}] 8f:["$","p","p-81",{"children":"Alors arrêtez de procrastiner. Bloquez 2h dans votre agenda cette semaine. Commencez par le registre. Puis la politique. Puis les cookies."}] 90:["$","p","p-82",{"children":"Dans un mois, vous serez raisonnablement conforme. Vous dormirez mieux. Et vous pourrez dire à vos clients \"oui, on est conforme RGPD\" sans mentir."}] 91:["$","p","p-83",{"children":"Pas besoin d'être parfait. Juste de bonne foi et organisé. La CNIL ne demande pas plus."}] 92:["$","footer",null,{"className":"border-t border-gray-100 py-16 px-6","children":["$","div",null,{"className":"max-w-7xl mx-auto","children":["$","div",null,{"className":"flex flex-col md:flex-row justify-between items-start md:items-center gap-8","children":[["$","div",null,{"children":[["$","h3",null,{"className":"text-2xl font-bold text-gray-900 mb-2","children":"MicroBlog IT"}],["$","p",null,{"className":"text-gray-600","children":"Votre source d'information tech"}]]}],["$","div",null,{"className":"flex flex-col md:flex-row gap-8 text-sm","children":[["$","$L4",null,{"href":"/","className":"text-gray-600 hover:text-gray-900 transition","children":"Articles"}],["$","$L4",null,{"href":"/#categories","className":"text-gray-600 hover:text-gray-900 transition","children":"Catégories"}],["$","$L4",null,{"href":"/mentions-legales","className":"text-gray-600 hover:text-gray-900 transition","children":"Mentions légales"}],["$","$L4",null,{"href":"/confidentialite","className":"text-gray-600 hover:text-gray-900 transition","children":"Politique de confidentialité"}],["$","$L4",null,{"href":"/cookies","className":"text-gray-600 hover:text-gray-900 transition","children":"Cookies"}],["$","span",null,{"className":"text-gray-400","children":"© 2025 MicroBlog IT"}]]}]]}]}]}] 
11:[["$","meta","0",{"charSet":"utf-8"}],["$","meta","1",{"name":"viewport","content":"width=device-width, initial-scale=1"}]] d:null f:{"metadata":[["$","title","0",{"children":"RGPD : ce que votre PME doit vraiment faire (sans paniquer) | MicroBlog IT"}],["$","meta","1",{"name":"description","content":"Le RGPD fait peur aux PME. Pourtant, 90% de la conformité tient en quelques actions simples. Guide pratique pour être en règle sans devenir fou ni exploser votre budget."}],["$","meta","2",{"name":"keywords","content":"RGPD, protection données, conformité, PME, CNIL"}]],"error":null,"digest":"$undefined"} 14:"$f:metadata"