Whether you are a large corporation or a small company, an administrator or a processor, or perhaps an individual whose privacy rights have been violated, we provide professional assistance and advice.
GDPR
- data protection -
by not complying with them you expose yourself to liability
regulatory compliance will protect You from fines
transparent rules show professionalism
privacy is increasingly valued by contractors and employees alike
we will check the correctness of your regulations and propose necessary changes
we will prepare full GDPR
documentation for you or supplement existing documentation
we can help you implement periodic or initial training for your staff
You can also entrust us to act as your company's Data Protection Officer
You can count on the explanation of any doubts in an accessible and understandable way
we will handle your case before the office if you want to file a complaint or someone has filed a complaint against you
Whether you are a large corporation or a small company, an administrator or a processor, or perhaps an individual whose privacy rights have been violated, we provide professional assistance and advice.
we are a reputable and experienced law firm
we have extensive experience in GDPR consulting and implementation
we are up to date and constantly improving our qualifications
we employ the best specialists
we are well prepared in terms of content
we will handle your case individually and with full professionalism
GDPR is short for “”General Data Protection Regulation””. It is a legal act that applies to all members of the European Union. It has been in force in Poland since May 25, 2018, and replaced the previous Polish law from 1997.
The GDPR formulates rules for the protection of personal data, i.e. any information that directly or indirectly identifies an individual. This includes, in particular, first and last name, registered e-mail address, identification numbers (e.g. Tax ID, Personal National ID), location data, Internet Protocol (IP) identifier and any other information that, alone or in combination, identifies an individual.
Sensitive data is otherwise known as special category data, which is subject to special protection under the GDPR. Sensitive data includes disclosure data: 1) racial or ethnic origin, 2) political views, 3) religious or philosophical beliefs, 4) trade union membership, 5) genetic data, 6) biometric data, 7) health status,8) issues related to sexuality or sexual orientation.
The GDPR applies to anyone who processes personal data of individuals beyond personal use. The controller of personal data, for example, will be an entrepreneur vis-à-vis his employees and customers, but also an individual who has installed monitoring on his property vis-à-vis people entering the premises.
A Data Protection Officer (DPO) is a person who has specialized knowledge in data protection and assists the Administrator in carrying out his duties. This is a function that can be entrusted by the Data Controller to its employee or a third party. The GDPR requires some Administrators to appoint a DPO, but any Administrator can also appoint a DPO voluntarily.
The GDPR information clause must be provided to each person whose data we process as a Personal Data Controller. If we have obtained personal data directly from the person (e.g., a client has approached us or a potential employee has submitted a resume to us), the information clause should be provided already at the time of obtaining the data (depending on the situation, e.g., under the contact form, in the website privacy policy, in the job advertisement).
Yes – because the owner of the online store processes the personal data of buyers and visitors to the store’s website, or those who create an account there. A person running an online store should have complete data protection documentation in place, and the website must contain the relevant information required by the GDPR.
MEET OUR TEAM
Graduate of the Faculty of Law and Administration of the University of Lodz
Graduate of Law at the Faculty of Law and Administration of the Nicolaus Copernicus University in Toruń.
Blog
The application of the so-called Kamilka Act and data protection standards
Table of Contents: New obligations related to the so-called Kamilka Act What to pay attention to when processing personal data…
Implementing the Whistleblower Act? Update GDPR!
Table of Contents: Identification of Purposes and Legal Bases Data Minimization Ensuring Data Confidentiality Fulfillment of Information Obligations Data Protection…