Personal data Protection in Poland / GDPR in Poland

Our Law Firm in Poland performs comprehensive services covering data protection and the field of the regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC  (“GDPR”).

In very general, our personal data protection in Poland services we can be divided into following groups:

Comprehensive examination and compliance Clients business activity with legal obligations in the scope of personal data protection in Poland / GDPR in Poland

The main purpose of the compliance is to determine whether the Polish Data Controller has any gaps or hazards in regard of the processing of personal data in Poland. The assessment will allow to determine the potential risk, as well as possible post-audit activities, the implementation of which will increase the security of personal data processing in Poland.

In the area of personal data protection compliance in Poland we perform in particular:

  • Analysis and evaluation of the Client’s activity in terms of meeting legal obligations of personal data protection in Poland;
  • Assessment of the compliance of personal data processing by Client;
  • Examining the existence of potential gaps and weaknesses related to activities performed on personal data in Poland;
  • Analysis and evaluation of the Client’s IT system functioning (detection of vulnerabilities, gaps together with the assessment of potential threats);
  • Verification of security software and other mechanisms to prevent unauthorized access personal data in Poland;
  • Consultations at every stage of the audit in regard of the personal data protection;
  • Final assessment along with post-control recommendations;

Preparation of a personal data protection system and documentation corresponding to the requirements of the GDPR in Poland

It is all activities aimed at creating a new or adapting comprehensive system of personal data protection in Poland. Our Law Firm in Poland prepares for Clients in particular following personal data protection documentation in Poland:

  1. Record of processing activities” of personal data in Poland;
  2. Personal data risk analysis in Poland;
  3. Consents to the processing of personal data in Poland;
  4. The entrustment of personal data processing in Poland agreement;
  5. Security Policy of personal data protection in Poland
  6. Authorizations for the processing of personal data;

Ad hoc legal support in the field of personal data protection in Poland in specified problematic matters

Legal support in the field of personal data protection in Poland/ GDPR in Poland, under which we propose, among others:

  • Consultations on the protection of personal data;
  • Support in fulfilling legal obligations and supervising data processing processes in Poland;
  • Issuing opinions on contracts, regulations and procedures in terms of personal data protection in Poland;
  • Help in developing the necessary documentation;
  • Assessment of the compliance of personal data processing with the law.

Personal data protection trainings in Poland

The scope of data protection trainings depends on Clients need. It may be basic, which introducing the issue of personal data protection with an emphasis on the processing of personal data in practical terms. We perform also more advance trainings for private and public entities. Trainings may be addressed to Clients personnel or directly to management body.

Performing the function of Personal Data Inspector in Poland

Our Law Firm in Poland – partners or associates act also as Personal Data Inspector of our Clients. In the first instance scope of Personal Data Inspector in Poland services are described in applicable law regulations:

  • informing the Data Controller, the processor and employees who process personal data, about the obligations incumbent upon them under this regulation and other EU or Member State data protection laws and advise them in this matter;
  • monitoring compliance with the GDPR in Poland, other EU or Member States’ data protection laws and policies of the controller or processor in the field of personal data protection, including segregation of duties, awareness raising activities, training of personnel involved in processing operations and related audits;
  • providing on-demand recommendations as to the impact on data protection and monitoring its implementation in accordance with Article 35 GDPR;
  • cooperation with the supervisory body;
  • acting as a contact point for the supervisory body in matters related to processing, including prior consultations referred to in Article 36 of GDPR, and consultations, as appropriate, on all other matters.