Personal Data Protection Office

In January 2022, the President of the Personal Data Protection Office (“DPDO“) of Poland fined both a data controller and processor for their failure to implement appropriate technical and organisational measures to ensure the security of personal data. In particular, the data controller failed to exercise its GDPR right to audit and inspect

Map of Warsaw, PolandThe reorganization of the Personal Data Protection Office (UODO), which took place in December 2019, warrants an assumption that 2020 will see increased activity from the supervisory authority. The UODO’s creation of three new departments indicates that the officers intend to specialize further to boost the efficiency of personal data protection inspections, in particular data breaches. Therefore, it is worth analyzing the definition of a breach, based on the decisions issued by the President of UODO in 2019.
Continue Reading Poland: Expected Enforcement Actions in 2020 and Beyond. Who Should Beware?