On March 26, 2019, the Polish Data Protection regulator (Urząd Ochrony Danych Osobowych – UODO) announced the first administrative fine imposed on a Warsaw-based company for failure to meet the informational obligation toward the data subjects whose data it processed, in violation of article 14 of the General Data Protection Regulation (GDPR). The fined company … Continue Reading
Within the vast range of changes implemented by the General Data Protection Regulation (GDPR), the scope of consent is mentioned as one of the most controversial. GDPR lists several basis for personal data processing, including consent of a data subject or legitimate business purpose of a data controller. Here we present a brief overview of … Continue Reading
On 28 March 2017, the Ministry of Digital Affairs (the “Ministry”) presented a preliminary draft of some of the provisions of the new Personal Data Protection Act. The remaining part of the Act that is not included in the presented project – which concerns regulations on the new data protection authority’s system position, transitional rules, … Continue Reading