Personal Data Protection

Personal data can safely be described as the gold of the 21st century. The development of the digital society continues to increase its value.

The observance of legal regulations in the area of personal data protection is currently one of the key challenges for institutions and businesses. The GDPR provides for fines for failure to adequately protect personal data, which can be up to €10,000,00 or, in the case of businesses, up to 2% of total annual worldwide revenue from the previous financial year.

In addition to potential financial losses, irregularities in compliance with the the GDPR pose a real risk of reputational damage. Its implications can be much more unpleasant and have far-reaching consequences for the trust of partners and clients.

We provide legal advice on personal data protection not only to large companies (including public companies), but also to smaller data controllers and processors. Our services include both audit of the legality of personal data processing under the applicable law as well as legal assistance in the process of adapting data processing procedures to the principles of the GDPR.

Scope of our services

audit of the legality of personal data processing;
advising on the design of new or modification of existing personal data processing operations;
development of documentation and internal procedures necessary to ensure an appropriate level of security of personal data processing;
drafting and analysing personal data processing outsourcing agreements, both for data controllers and data processors;
preparation of disclosure documents required to be submitted when personal data are collected from individuals;
drafting consent clauses for the processing of personal data;
assessment and preparation of legal opinions on the legality of personal data processing;
legal advice on transferring of personal data to external parties, including those located abroad;
representation before supervisory authorities and administrative courts.