Legal Compliance in Employment Law: Employer Obligations

Legal compliance in employment law constitutes a strategic challenge for any French company, regardless of size. In 2026, the regulatory framework has become even more complex: transposition of European directives, strengthened Labour Inspectorate oversight, mandatory digitalization of certain HR processes. An employer that fails to comply risks criminal penalties, URSSAF adjustments, and damage to their employer brand. This article reviews all essential legal obligations — from employment contracts to personal data protection, including occupational health and digital document management — to enable you to act with confidence.

1. Fundamentals of a Compliant Employment Contract

The employment contract remains the cornerstone of the employer-employee relationship. Its legal validity conditions all the rights and obligations of the parties.

Mandatory Form and Content

Since the transposition of European Directive 2019/1152 on transparent and predictable working conditions, which came into full effect in French law via the Ordinance of 1 August 2023, every employer must provide the employee with a written document specifying:

• The identity of the parties and the place of work

• The job title, functions, and employment category

• The start date of the contract and, for a fixed-term contract, its expected duration

• The paid leave entitlement of the employee

• The procedure in case of contract termination

• Remuneration (base salary, any supplements, payment frequency)

• The normal daily or weekly working hours

• The applicable collective agreement

This list is not exhaustive: certain collective agreements or sector-specific agreements may impose additional provisions. An incomplete contract may be reclassified or result in damages.

Trial Period and Renewal Rules

The trial period is strictly regulated by the Labour Code. For permanent contracts (CDIs), it is 2 months for workers and employees, 3 months for supervisory staff and technicians, and 4 months for managers. Renewal is only possible once, provided that a sector agreement explicitly allows it. Any termination during the trial period must comply with notice periods calculated based on the employee's length of service in the company, or else it may be qualified as wrongful dismissal.

Electronic Signature of Employment Contracts

Since the Order of 28 October 2022 validating the dematerialization of pay slips, the trend toward digitalization of HR documents has accelerated. Electronic signature for HR is now a common practice and legally accepted for employment contracts, provided it complies with the requirements of the eIDAS regulation. Advanced electronic signature (AES) or qualified electronic signature (QES) ensures the authenticity of the employee's consent and the integrity of the document, which is fundamental in case of employment disputes.

2. Mandatory Display and Information Obligations

The employer has a continuing obligation to inform employees. This obligation is materialized by mandatory postings in work premises and by providing documents upon hiring and during contract execution.

Mandatory Postings in the Company

Every establishment with at least one employee must display in a visible and accessible manner:

• The contact details of the competent Labour Inspectorate

• The contact details of the occupational health physician and emergency services

• The internal rules (mandatory from 50 employees)

• Texts relating to professional equality and the prohibition of moral and sexual harassment

• The provisions of the applicable collective agreement

• Working days and hours

• The order of departures on leave

• Safety and evacuation procedures

Since the Professional Future Act of 2018, certain information can be made available digitally (intranet, dedicated space), provided all employees have access. This option does not exempt the requirement for physical posting of certain notices.

Mandatory Document Delivery

Upon hiring, the employer must provide the employee with a signed copy of the employment contract and various information documents: information notice on the company health plan, certificate of delivery of internal rules, information on complementary social protection schemes. During the contract period, the monthly pay slip constitutes the most regular documentary obligation. Its dematerialization, now possible without prior employee agreement (unless the employee objects), simplifies administrative management.

3. Occupational Health, Safety, and Risk Prevention

The obligation of safety imposed on the employer has progressively been transformed into an obligation of reinforced means by the jurisprudence of the Court of Cassation. This means that the employer must demonstrate that they have taken all necessary measures to protect the physical and mental health of their employees.

Single Document for the Assessment of Occupational Risks (DUERP)

Mandatory since the Decree of 5 November 2001, the DUERP must be updated at least once per year and whenever there are significant changes in working conditions. Since the Occupational Health Act of 2 August 2021, companies with at least 11 employees have the obligation to file the DUERP on a dedicated digital portal managed by the OPCO, to ensure its preservation for 40 years. This document lists all identified occupational risks and associated prevention measures. Its absence or incompleteness exposes the employer to criminal penalties (fine of €1,500 per employee concerned).

Medical Surveillance of Employees

Every employee benefits from an information and prevention visit (VIP) within 3 months of starting work. Employees exposed to particular risks (night work, hazardous positions, disability) are subject to reinforced individual monitoring. The occupational physician may issue an unfitness opinion that obliges the employer to propose redeployment. Failure to comply with these visits may result in recognition of unforgivable negligence in the event of a work accident.

Prevention of Psychosocial Risks (PSR)

Moral harassment, sexual harassment, and sexist behavior constitute criminal offenses. The employer must designate a sexual harassment referent in any company with at least 250 employees (a Works Council (CSE) referent is mandatory in companies with a Works Council). The establishment of an internal alert procedure and a protocol for handling reports is strongly recommended to demonstrate the employer's diligence.

4. Recurring Social and Administrative Obligations

Legal compliance is not limited to contractual documents. It encompasses a set of periodic and administrative obligations that the employer must master.

Nominative Social Declaration (DSN) and Social Contributions

Since 1 January 2017, the DSN is mandatory for all companies. It replaces all periodic social declarations and is transmitted monthly to URSSAF. Social contribution rates are regularly revised: in 2026, the annual Social Security ceiling (PASS) is set at €47,100, which determines the calculation of many contributions. Any delay or inaccuracy in the DSN may result in late-filing surcharges (1.5% per month) and adjustment notices.

Management of Leave and Working Time

The employer must keep an accurate record of working time for each employee, particularly for employees on a fixed annual hours basis. Since European case law (CJEU, 14 May 2019, UNI Global Union), this obligation to record working time has been reinforced. In 2026, Labour Inspectorate controls frequently focus on the management of overtime and compliance with maximum working hours (10 hours per day, 48 hours per week, 44 hours on average over 12 weeks).

Professional Training and the Personal Training Account (CPF)

The employer has the obligation to ensure the adaptation of employees to their position and to maintain their employability (Article L. 6321-1 of the Labour Code). The professional interview, mandatory every 2 years for each employee, must be formalized and kept. In the absence of sufficient training or interviews over 6 years, the employer must contribute €3,000 to the employee's personal training account (CPF). The digitalization of HR management processes, notably via an AI contract generator and digital signature tools, allows these obligations to be traced and archived reliably.

5. Personal Data Protection and GDPR Compliance in HR

Human resources management involves massive processing of personal data: identification data, health data, banking data, performance-related data. GDPR (Regulation EU 2016/679) imposes strict obligations on the employer as the data controller.

HR Processing Covered by GDPR

Among the most common HR processing, we distinguish: payroll management, working time monitoring, recruitment candidate management (with data retention limited to 2 years for unsuccessful candidates), video surveillance (subject to prior information and proportionality), and monitoring of IT tools provided to employees.

Register of Processing Activities and Employee Rights

Every employer must maintain a register of processing activities (Article 30 of GDPR), which lists each personal data processing, its purpose, the categories of data concerned, the recipients, and retention periods. Employees have the right of access, rectification, and objection regarding their personal data. Establishing a procedure for responding to requests to exercise rights is essential.

Sensitive Data and Special Precautions

Health data (sick leave, unfitness) and data relating to union membership constitute sensitive data within the meaning of Article 9 of GDPR. Their processing is in principle prohibited, except for specific legal exemptions. A breach may result in an administrative fine from the CNIL of up to 4% of annual worldwide revenue or €20 million. To secure all these document flows, using a corporate electronic signature solution compliant with GDPR ensures the traceability and integrity of sensitive HR documents.

Electronic Archiving and Evidentiary Value

The increasing digitalization of HR processes requires mastering the rules of electronic archiving with evidentiary value. A document electronically signed and archived according to NF Z 42-020 standards (digital safe) has the same evidentiary force as a paper document, or even greater thanks to qualified timestamping. The complete guide to electronic signature details the technical and legal conditions for securing your HR document management.

Legal Framework Applicable to Compliance in Employment Law

Employer compliance in employment law is based on a multi-level regulatory structure, combining national law and European Union law.

Labour Code (France) The main foundation is constituted by the Labour Code, whose mandatory provisions apply to every employer established in France. Among the most frequently invoked texts: Article L. 1221-1 (obligation to have a written agreement for fixed-term and part-time permanent contracts), Article L. 4121-1 (general safety obligation), Article L. 6321-1 (training obligation), and Articles L. 1152-1 and L. 1153-1 (moral and sexual harassment).

European Directive 2019/1152 (transparent working conditions) Transposed into French law, this directive requires the provision of complete written information upon hiring and within a maximum of 7 calendar days for essential information. Any failure to provide information may engage the employer's liability.

eIDAS Regulation No. 910/2014 and eIDAS 2.0 For the dematerialization of employment contracts, the eIDAS regulation establishes three levels of electronic signature (simple, advanced, qualified). Advanced electronic signature (AES) is generally recommended for employment contracts because it reliably identifies the signatory and ensures document integrity. Qualified electronic signature (QES), certified by a qualified trust service provider (QTSP), has evidentiary value equivalent to handwritten signature (Article 25 of eIDAS Regulation).

GDPR No. 2016/679 As the data controller, the employer is subject to GDPR obligations for all processing of employee personal data. Penalties for non-compliance can reach €20 million or 4% of annual worldwide revenue (Article 83 of GDPR). The CNIL has published several sectoral guides on HR data management, serving as a practical reference.

Civil Code — Articles 1366 and 1367 Article 1366 of the Civil Code establishes the principle of equivalence between electronic and paper writing, provided that the person on whose behalf the act is made can be properly identified and the act is established and preserved in conditions guaranteeing its integrity. Article 1367 recognizes electronic signature as a valid means of proof, referring to the technical requirements of Decree No. 2017-1416 of 28 September 2017.

ETSI EN 319 132 and ETSI EN 319 122 Standards These European standards define the technical formats of advanced electronic signatures (XAdES, PAdES, CAdES) accepted by qualified providers. Compliance with them is essential to guarantee the evidentiary value of electronically signed documents in an HR or litigation context.

Legal Risks Non-compliant employers face multiple risks: contract requalification, employment tribunal convictions, administrative fines (CNIL, URSSAF, Labour Inspectorate), recognition of unforgivable negligence in case of work accident, and criminal penalties (up to 1 year imprisonment and €3,750 fine for certain Labour Code violations). Documentary compliance, ensured particularly by a certified electronic signature solution, therefore constitutes an investment in legal protection.

To deepen the technical requirements of the eIDAS framework applicable to your HR contracts, consult our guide on eIDAS 2.0 regulation.

Usage Scenarios: HR Compliance in Practice

Scenario 1 — A Mid-Size Industrial Company Streamlines Hiring Contracts

A mid-size industrial company employing approximately 350 employees across three sites faces high recruitment flow with seasonal hiring (80 to 120 fixed-term contracts per year). Previously, contracts were printed, sent by mail or delivered in person, then scanned after handwritten signature. This process generated average delays of 4 to 6 days between contract proposal and effective signature, with a 12% error rate (missing provisions, obsolete versions).

After deploying an advanced electronic signature solution integrated with its HRIS, the signing delay fell to less than 24 hours. The document error rate was reduced to less than 1% thanks to pre-filled contract templates and automatic compliance controls. Automatic archiving with evidentiary value also enabled responding to a Labour Inspectorate request in less than 2 hours, compared to several days previously. The estimated productivity gain is 0.4 FTE in the administrative HR function.

Scenario 2 — An HR Consulting Firm Secures GDPR Compliance

An HR consulting firm specializing in human resources, with 45 consultants spread across multiple regional offices, managed its HR data through heterogeneous tools (spreadsheets, emails, paper files). With the CNIL strengthening sector-specific controls in 2025, the firm decided to audit its practices. The audit revealed the absence of a formalized register of processing activities, uncontrolled retention periods for candidate files, and employment contracts archived without integrity guarantees.

The implementation of a document management platform integrating eIDAS-compliant electronic signature centralized all contractual documents, automated purges according to legal retention periods, and automatically generated the GDPR register. In case of an inspection, each signed document has a complete audit trail (signatory identity, qualified timestamp, certified integrity). The firm thus reduced its exposure to CNIL sanction risk by 65% and can now respond to employee rights requests in less than 72 hours.

Scenario 3 — A Franchise Distribution Network Managing Multi-Site Franchisees and Employees

A franchise distribution network comprising 28 retail outlets and employing a total of approximately 180 employees (permanent contracts, fixed-term contracts, apprenticeship agreements) faced significant inconsistency in document practices across different units. Some franchisees used obsolete contract templates that did not comply with recent legislative changes.

The integration of a library of contract templates updated in real time, combined with a centralized electronic signature workflow, standardized document practices across the entire network. The rate of document compliance in internal audits increased from 71% to 97% within 12 months. The traceability of consents (delivery of internal rules, health plan information, remote work agreement) is now guaranteed for all network employees, significantly reducing exposure to employment litigation.

Conclusion

Legal compliance in employment law is a demanding discipline that mobilizes legal, administrative, and now technical expertise. In 2026, the employer must simultaneously master contractual obligations, occupational health and safety rules, personal data protection, and new electronic signature standards. Ignoring any one of these dimensions exposes the company to increasing penalties and costly litigation.

The digitalization of HR processes, when based on tools compliant with eIDAS and GDPR standards, is a powerful lever for reducing risks and gaining operational efficiency. Certyneo supports HR teams in this transformation by offering a certified, intuitive, and secure electronic signature solution.

Ready to secure your HR processes? Discover our pricing and start free today.