docs: renommer fichiers EN→FR pour cohérence linguistique

Entités: - entities-overview.md → vue-ensemble.md États (Lifecycles): - user-account-lifecycle.md → compte-utilisateur.md - content-lifecycle.md → contenu.md - session-lifecycle.md → session.md - report-lifecycle.md → signalement.md - export-lifecycle.md → export-donnees.md - parental-consent-lifecycle.md → consentement-parental.md - account-deletion-lifecycle.md → suppression-compte.md - breach-incident-lifecycle.md → incident-breach.md Séquences: - authentication-flow.md → authentification.md - token-refresh.md → refresh-token.md (terme technique conservé) - content-moderation.md → moderation-contenu.md - content-report.md → signalement.md
2026-02-08 18:17:48 +01:00
parent 4b28db3465
commit 62fe0ed5eb
13 changed files with 0 additions and 0 deletions
--- a/docs/domains/_shared/states/incident-breach.md
+++ b/docs/domains/_shared/states/incident-breach.md
@@ -0,0 +1,44 @@
+# Cycle de vie - Incident de violation de données
+
+## Diagramme
+
+```mermaid
+stateDiagram-v2
+    [*] --> Detected: Alerte monitoring
+
+    Detected --> Contained: Confinement immédiat (H+0)
+
+    Contained --> UnderInvestigation: Évaluation gravité (H+24)
+
+    UnderInvestigation --> Resolved: Risque faible (mesures suffisantes)
+    UnderInvestigation --> CNILNotificationRequired: Risque utilisateurs
+
+    CNILNotificationRequired --> CNILNotified: Notification CNIL (< H+72)
+
+    CNILNotified --> Resolved: Pas de risque élevé utilisateurs
+    CNILNotified --> UsersNotificationRequired: Risque élevé
+
+    UsersNotificationRequired --> UsersNotified: Email + push utilisateurs (< H+72)
+
+    UsersNotified --> Resolved: Post-mortem + correctifs
+
+    Resolved --> [*]
+```
+
+## Règles
+
+| État | Valeur | Délai max |
+|------|--------|-----------|
+| Detected | `detected` | H+0 |
+| Contained | `contained` | H+0 (immédiat) |
+| Under Investigation | `under_investigation` | H+24 |
+| CNIL Notification Required | `cnil_notification_required` | H+48 |
+| CNIL Notified | `cnil_notified` | H+72 (Article 33 RGPD) |
+| Users Notification Required | `users_notification_required` | H+48 |
+| Users Notified | `users_notified` | H+72 (Article 34 RGPD) |
+| Resolved | `resolved` | Post-incident |
+
+**Sévérité** : `low` / `medium` / `high` / `critical`
+**Notification CNIL** : Obligatoire si risque pour droits/libertés utilisateurs
+**Notification utilisateurs** : Obligatoire si risque **élevé**
+**Runbook** : `docs/rgpd/procedure-breach.md`