Personal data protection
Current market trends and legislative projects demonstrate how important it is for innovative businesses to address privacy and personal data protection issues as early as during the development of a given project, in line with the concept of privacy by design. Our project teams assist clients in developing privacy-friendly mechanisms, procedures and documentation. We also advise on the identification and management of personal data processing.
The GDPR is directly applicable, i.e. applies directly to all undertakings processing personal data in the EU.
IMPORTANT: It is the responsibility of the undertaking to demonstrate compliance with the GDPR.
High fines, which can reach up to EUR 20 million or 4% of the total annual worldwide turnover of an undertaking, make personal data protection compliance vital for your company.
How can we help you?
- Prepare and conduct a data protection audit.
- Advise on the development and implementation of personal data security standards.
- Prepare personal data processing documentation.
- Conduct relevant risk analyses or data protection impact assessments where required by law.
- Provide comprehensive advice on transactions involving access to personal data.
- Provide full support in projects involving the transfer of personal data to third countries (in particular with regard to cloud computing and other IT solutions).
- Advise you in the event of a personal data breach; if necessary, and should you decide to do so, we will report the breach to PUODO (President of the Personal Data Protection Office) on your behalf.
- Prepare and train a person within your organisation to act as Data Protection Officer or coordinator, or will take on this role ourselves if you so decide.
- Provide training on data protection for your staff and associates.
- Audit processors who process personal data controlled by your company.
- Represent you in proceedings before the PUODO and other administrative and court proceedings concerning personal data.
Selected experience
Financial sector company
Real estate developer
Real estate developer
Airline
Swedish distributor of dietary supplements
Manufacturer and seller of jewellery
Architectural and engineering services company
Leading airport
Financial broker
A Japanese architectural, civil engineering and general contracting group company
Fertiliser manufacturer
Gaming industry manufacturer
Manufacturer of continuous flow water heaters and filtering systems
IT company
Leading Polish company of the lighting industry
GDPR news
We have supported ERGO Hestia in the certification process
We recently supported our client in obtaining ISO 27001 and ISO 27017 information security certifications. This was not only an ambitious legal challenge, but above all an interesting and inspiring joint project.
CJEU judgment on data transfer to the USA
On 16 July the Court of Justice of the European Union announced its judgment in Case C-311/18 (Data Protection Commissioner/Maximilian Schrems and Facebook Ireland) What did the Court decide? The Court of Justice invalidated Commission Decision 2016/1250 on the...
Return to a new “normality” at work
Due to the SARC-CoV-2 pandemic, measures to prevent the spread of the disease have been implemented in Poland. Regardless of whether the hazard takes a chronic form or whether it is possible to quickly eliminate the pathogen from public spaces, the time to return to...