Website Rules in France
French websites must comply with the LCEN (mentions légales), GDPR enforced by the CNIL, and strict cookie consent rules. The CNIL is one of Europe's most active data protection authorities, known for issuing large fines for dark-pattern cookie banners.
Data protection authority:
Commission Nationale de l'Informatique et des Libertés
(CNIL)
Requirements
5
country-specific rules
Guides
0
guides available
Specific requirements for France
Mentions légales (LCEN)
The LCEN (Loi pour la Confiance dans l'Économie Numérique) requires every French website to display mandatory legal notices including company name, registered address, SIREN/SIRET number, publication director, and hosting provider details.
SIREN/SIRET number display
French businesses must display their SIREN (9 digits) or SIRET (14 digits) number on their website. This is the unique business identification number assigned by INSEE.
CNIL cookie enforcement
The CNIL enforces strict cookie consent rules. Consent banners must offer an equally prominent "Refuse all" button alongside "Accept all". Pre-ticked boxes and dark patterns are prohibited.
Accessibility (RGAA)
France's RGAA (Référentiel Général d'Amélioration de l'Accessibilité) sets web accessibility standards based on WCAG 2.1. Public sector and large private companies must publish an accessibility statement.
Privacy policy (RGPD)
Under the RGPD (the French term for GDPR), every website processing personal data must provide a clear privacy policy covering data collection, legal basis, data processors, retention periods and user rights.
Enforcement in France
In January 2022, the CNIL fined Google €150 million and Facebook €60 million for making it difficult for users to refuse cookies — the "Accept" button was prominent but refusing required multiple clicks. This landmark enforcement against dark-pattern cookie banners set the standard across Europe.
Official resources
Check your website for France requirements
Our scanner checks for France-specific requirements automatically.