The most important legal act concerning protection of personal data in
The main requirements for the data controller (in most cases – your company operating in
- To process personal data on the basis of legal prerequsites
- To inform data subject about its rights and the data controller status
- To register the data files in the Inspector General Office
- To secure the personal data from uncontrolled access
- To remove the personal data in case of request from data subject
Personal data usually can not be transferred outside of EEA (European Economic Area) without prior approval of the data subject. However, it can be transferred without restrictions in the European Union and few other countries (e.g.
Not applying the provisions of the Polish Act on Personal Data Protection can lead to criminal responsibility, in some cases even to three years of imprisonment. More often it leads to the administrative proceeding.
In case of any questions please contact the author.