Data protection

Data protection legislation obliges all entrepreneurs to take measures to secure the data of employees, customers and clients. The preparation and implementation of an effective strategy for the collection, processing and storage of the collected data protects entrepreneurs from serious legal consequences under several legal acts:

• Data Protection Regulation (RODO);
• Act on the provision of electronic services;
• of the Act on Combating Unfair Competition;
• industry regulations, e.g. telecommunications and banking law.

Company data protection audit

Before embarking on extensive data protection activities, we audit the client’s business for compliance with the requirements of the RODO and national data protection legislation.

• we check what data the client collects and processes;
• we check the correct functioning of the systems for their processing, the completeness of procedures and documentation;
• we audit data processors and check that they fulfil their obligations to adequately secure data;
• we make recommendations for the improvement of the non-conformities identified and formulate ways to avoid future risks resulting from the actions taken by businesses.

Data protection – our offer

As part of our data protection offer, our law firm offers comprehensive support to entrepreneurs consisting of, among other things:

• consultation on the compliance of solutions using personal data;
• training courses in which we explain the practical aspects of data protection;
• preparing information clauses on the principles for processing personal data;
• The creation of a Personal Data Protection Policy;
• keeping a register of processing operations;
• keeping a register of categories of processing activities;
• RODO compliance audit;
• support for the implementation of requests under RODO;
• support in the selection of appropriate technical and organisational measures;
• representation in proceedings involving complaints about the processing of personal data in breach of the RODO.

If a breach of personal data has occurred, we help Clients to assess the risk of infringement of the rights or freedoms of individuals, which is the basis for taking the next steps, i.e. informing the President of the Data Protection Authority and the data subject of the breach. The risk analysis is carried out on the basis of the Client’s existing procedures and the widely accepted guidelines of the European Network and Information Security Agency (ENISA).

In a scenario where a breach has occurred, we offer support during an inspection by the President of the Office for Personal Data Protection, as well as in proceedings before the Provincial and Supreme Administrative Court.

Data Protection Officer

At the client’s request, we act as the data protection officer (DPO) or, as an external advisor, provide the necessary support during the execution of the tasks by the client’s appointed DPO.

If you want to entrust the security of your company’s personal data to a lawyer who will provide a high standard of service, we encourage you to get in touch. Our lawyers are experienced in dealing with companies in a variety of industries, and the solutions they propose will be tailored to the specifics of your business.