GDPR

- data protection -

WHY YOU SHOULD ENSURE COMPLIANCE WITH GDPR

THE PROVISIONS OF THE GDPR ARE THE LAW IN FORCE

by not complying with them you expose yourself to liability

SECURITY

regulatory compliance will protect You from fines

PROFESSIONALISM

transparent rules show professionalism

PRIVACY PROTECTION

privacy is increasingly valued by contractors and employees alike

WHAT WE WILL DO FOR YOU

WE WILL CARRY OUT AN AUDIT

we will check the correctness of your regulations and propose necessary changes

IMPLEMENTATION

we will prepare full GDPR
documentation for you or supplement existing documentation

TRAINING

we can help you implement periodic or initial training for your staff

DPO OUTSOURCING

You can also entrust us to act as your company's Data Protection Officer

ONGOING COUNSELING

You can count on the explanation of any doubts in an accessible and understandable way

REPRESENTATION BY THE OFFICE OF THE POLISH DATA PROTECTION COMMISSIONER

we will handle your case before the office if you want to file a complaint or someone has filed a complaint against you

WHO MAY BENEFIT FROM OUR SERVICES

Whether you are a large corporation or a small company, an administrator or a processor, or perhaps an individual whose privacy rights have been violated, we provide professional assistance and advice.

WHY US

WE ARE A REPUTABLE LAW FIRM

we are a reputable and experienced law firm

WE HAVE BIG EXPERIENCE

we have extensive experience in GDPR consulting and implementation

WE CONSTANTLY IMPROVING OUR QUALIFICATIONS

we are up to date and constantly improving our qualifications

WE EMPLOY SPECIALISTS

we employ the best specialists

WE ARE EXPERTS

we are well prepared in terms of content

WE APPROACH EACH CASE INDIVIDUALLY

we will handle your case individually and with full professionalism

FAQ

GDPR is short for “”General Data Protection Regulation””. It is a legal act that applies to all members of the European Union. It has been in force in Poland since May 25, 2018, and replaced the previous Polish law from 1997.

The GDPR formulates rules for the protection of personal data, i.e. any information that directly or indirectly identifies an individual. This includes, in particular, first and last name, registered e-mail address, identification numbers (e.g. Tax ID, Personal National ID), location data, Internet Protocol (IP) identifier and any other information that, alone or in combination, identifies an individual.

Sensitive data is otherwise known as special category data, which is subject to special protection under the GDPR. Sensitive data includes disclosure data: 1) racial or ethnic origin, 2) political views, 3) religious or philosophical beliefs, 4) trade union membership, 5) genetic data, 6) biometric data, 7) health status,8) issues related to sexuality or sexual orientation.

The GDPR applies to anyone who processes personal data of individuals beyond personal use. The controller of personal data, for example, will be an entrepreneur vis-à-vis his employees and customers, but also an individual who has installed monitoring on his property vis-à-vis people entering the premises.

A Data Protection Officer (DPO) is a person who has specialized knowledge in data protection and assists the Administrator in carrying out his duties. This is a function that can be entrusted by the Data Controller to its employee or a third party. The GDPR requires some Administrators to appoint a DPO, but any Administrator can also appoint a DPO voluntarily.

The GDPR information clause must be provided to each person whose data we process as a Personal Data Controller. If we have obtained personal data directly from the person (e.g., a client has approached us or a potential employee has submitted a resume to us), the information clause should be provided already at the time of obtaining the data (depending on the situation, e.g., under the contact form, in the website privacy policy, in the job advertisement).

Yes – because the owner of the online store processes the personal data of buyers and visitors to the store’s website, or those who create an account there. A person running an online store should have complete data protection documentation in place, and the website must contain the relevant information required by the GDPR.

MEET OUR TEAM

TOMASZ MADEJCZYK
LEGAL ADVISOR

Graduate of the Faculty of Law and Administration of the University of Lodz

KAROLINA SALSKA
LEGAL COUNSEL

A graduate of Law and Administration Faculty of Jagiellonian University in Kraków

ANNA SOBCZYK
LEGAL COUNSEL

Graduate of Law at the Faculty of Law and Administration of the Nicolaus Copernicus University in Toruń.

Blog

Jaka jest istota podziału przez wyodrębnienie

The conclusion of a contract and consent to the processing of personal data

The contract serves as the fundamental legal instrument regulating relationships between various entities. Even if it is entered into between…

Is it necessary to obtain consent to receive a newsletter?

Translation to English: Mailing is a very common marketing tool, serving as a bridge to establish closer contact with potential…