We use cookies to personalise the website and offer you the greatest added value. They are, among other purposes, used to analyse visitor usage in order to improve the website for you. By using this website, you agree to their use. Further information can be found in our data privacy statement.

Personal data protection and new technologies





Personal data security is an important aspect of pursuing a business. Personal data regulations impose certain rules of procedure on entities (among others, enterprises) collecting and processing personal data.
Quick technological progress, development of new technologies and the social and economic integration resulting from the single EU market lead to an exponential growth of the scale at which personal data are collected, used and circulated. The EU strives to ensure an EU-uniform degree of protection of individuals’ security in connection with personal data processing. The General Data Protection Regulation (GDPR) has been in force since May 2018. It introduced a number of new obligations which involve, among others, reviewing internal data processing activities and preparing relevant documentation. Technological requirements have been set, too. Under the new regulations, data controllers must adjust the level of security of the processed data to the applicable guidelines and monitor it regularly.


In this section we are going to analyse for you the GDPR and other EU laws on personal data protection as well as inform you about the relevant steps of the Polish lawmakers. Please contact us directly and use the knowledge and experience of our experts.
We offer comprehensive legal advice and assistance at every stage of adapting your business to current laws. Our attorneys-at-law and IT security experts are available to you in the Rödl & Partner offices in Cracow, Gdansk, Gliwice, Poznan, Warsaw and Wroclaw.



Read more:

Do you process data in a mobile app? Be prepared for an inspection by the Personal Data Protection Office

Like every year, the President of the Personal Data Protection Office (PDPO) published in January an inspection schedule for 2022. More » 

How to assess a personal data incident?

Personal data breaches may happen to any organisation. Depending on numerous factors such as the reasons, extent or risk of certain ramifications, they may trigger specific GDPR obligations for data controllers. More »

Are you a controller? You need to quickly identify data breaches

In its decision of 22 April 2021, the President of the (Polish) Personal Data Protection Office (PDPO) imposed an administrative fine of PLN 1,136,975 on the data controller – Cyfrowy Polsat S.A. More »

Whistleblowers and GDPR

The whistleblowing system is a challenge for the security of personal data processing in an organisation. Before implementing it, you should remember about ensuring anonymity and confidentiality of data. More »

President of the Polish Personal Data Protection Office has slapped the first fine for breach of the GDPR

Nearly 10 months after the effective date of GDPR, the President of the Polish Personal Data Protection Office (PDPO) has imposed the very first fine for unlawful data processing. More »

Right to erasure and data retention policy

Among the new personal data protection laws, particular controversy is sparked by Article 17 of GPDR, which gives data subjects the right to obtain erasure of their data. More »

GDPR – guidelines for mobile app developers

In recent times, computers or laptops have been losing popularity, giving way to mobile devices such as smartphones, smartwatches or tablets, which are gradually becoming our basic working tools. More »

GDPR in e-commerce

GDPR has been in full force since 25 May 2018 and the media regularly report news about absurdities resulting from wrong interpretation of GDPR provisions. More »

GDPR in marketing

25 May 2018 brought a lot of changes to the processing of personal data. On that day the long awaited and broadly publicised GDPR came into force to change the rules of personal data protection. More »

GDPR – what will change in the HR domain?

25 May 2018 means a revolution in the processing of personal data. Regulation of the European Parliament and of the Council of 27 April 2016 introduces many changes to be faced by all enterprises. More »

GDPR: Data Protection Officer

According to Recital 4 GDPR, the right to the protection of personal data is not an absolute right. It must be considered in relation to its function in society and be balanced against other fundamental rights. More »

GDPR and the consent to personal data processing

One of the fundamental rules set in the General Data Protection Regulation (GDPR) says that data subjects must consent to the processing of their personal data. More »

Be careful who you entrust personal data to

Enterprises being data controllers often disclose personal data to various suppliers who thus become data processors. More » 

How to monitor employees lawfully?

We are monitored and tracked every day – on the streets, in shops, in car parks, within housing estates, at entrances to buildings and at work. More »

GDPR – revolutionary amendments to take effect as soon as from May 2018

In May 2018, personal data protection and processing laws will start to apply across the EU. GDPR introduces severe penalties for non-compliance with the GDPR requirements. More » 

Personal data: consequences of processing, assessment of risk and threats, rules for profiling

It is only by May 2018 when enterprises have time to adapt to new EU legislation on personal data processing and protection. More »


Contact Person Picture

Jarosław Kamiński

Attorney at law (Poland)

Associate Partner

+48 22 244 00 27
+48 694 207 482

Send inquiry


 LET'S stay in touch

Deutschland Weltweit Search Menu