About us
The GDPR has already been part of the legal landscape in Poland for more than 5 years. Despite this, entities subject to its provisions are still struggling to organise their activities in a way that is compliant with the GDPR or to fulfil their obligations under the GDPR.
These challenges, it seems, are largely due to the nature of the GDPR provisions. Indeed, the GDPR contains a large number of vague concepts, general clauses and other regulations which, due to their general nature, give room for varying interpretations.
For this reason, we have created a live GDPR commentary in which we will provide key information about GDPR provisions and their practical application. We have tried to write in as accessible a way as possible (although, we admit, this is not easy everywhere) in order to help those who come into contact with this law on a daily basis to interpret the provisions and to comply with their obligations under the GDPR.
We will regularly add comments to further articles. We will also update comments already written.
We hope that our service will prove helpful to all those who deal with the issues of personal data protection law in practice, and that it will contribute to the popularisation of knowledge about the personal data protection regulations.
We wish you enjoyable reading.
-
Karolina Romanowska
Adwokat. She specialises in data protection and privacy issues, in particular in the HR area. Represents clients in proceedings before the supervisory authority, including in the context of personal data protection violations. Karolina participates in the negotiation of agreements concerning the processing of personal data. She is involved in the structuring of international data flows within and outside capital groups. She advises clients on day-to-day personal data issues, which includes responding to data subject requests, preparing privacy policies, conducting DPIAs, balance testing, structuring HR and marketing processes in accordance with the GDPR. She conducts due diligence audits and advises on personal data issues in a transactional context.
She has extensive experience in implementing the GDPR and advising Polish and international entities in the field of personal data in, among others, the fields of medicine, financial services, logistics, food and beverage, sports and e-commerce.
She is recommended by The Legal 500 EMEA in the area of personal data.
-
Łukasz Rutkowski
Attorney-at-law. He advises clients from a range of industries, including financial services, banking, e-commerce, IT, logistics and FMCG.
He has participated in GDPR implementation projects and compliance audits. He analyses products, processes, IT solutions (software, mobile apps) and services (e.g. using profiling, AI and the internet of things) for compliance with data protection regulations (including industry regulations) and e-privacy regulations.
He supports clients in conducting data protection impact assessments and handling data subject requests. He provides ongoing advice on data protection rules, including in the context of HR and FinTech.
He also advises clients on legal compliance of their online activity.
He supports clients in negotiating contracts involving data protection and IT issues (implementation agreements, licence agreements, and implementation of cloud solutions, SaaS and mobile apps). He is involved in preparing due diligence reports and transactional advice on legal aspects of data protection, e-commerce and IT.
He holds CIPP/E and CIPM credentials from the International Association of Privacy Professionals.
