General Data Protection Regulation (GDPR)

Are you ready for the new regulation?

On 24 May 2016, a new EU regulation on the protection of personal data entered into force. The regulation is binding and is directly applicable to all establishments which use personal data for their business purposes. The new law is binding in all 28 European Union countries and replaces the currently binding local personal data protection law.

Currently, we are in the preparatory period for businesses to implement the requirements of the regulation, which will be fully applicable from 25 May 2018 onwards.

 

The new regulation, GDPR (General Data Protection Regulation), introduces a number of changes to the rules governing the protection of personal data, such as:

  • obligation to apply personal data protection at the design phase (e.g. for IT solutions)
  • obligation to maintain a record of processing activities
  • obligation to perform a privacy impact assessment
  • obligation to notify the data protection authority of data protection breaches

Failure to comply with the provisions of the new regulation may result in the imposition of a financial penalty by the data protection authority (up to EUR 20 million or 4% of annual turnover ).

 

 

To support you in the implementation of the new regulation, we have set up an interdisciplinary team of experts ready to help you with your GDPR implementation efforts. To this end, we have developed the following services:

Personal data mapping and inventory

Find out more>>

Records of processing activities

Find out more>>

Privacy Impact Assessment (PIA)

Find out more>>

Privacy by Design

Find out more>>

Privacy by Default

Find out more>>

Retention of personal data

Find out more>>

Profiling

Find out more>>

Detection of data breaches

Find out more>>

Verification of a data processor

Find out more>>

Data processing agreements

Find out more>>

Legal grounds for personal data processing

Find out more>>

Notification obligation

Find out more>>

Interaction with data subjects

Find out more>>

Data transfer to third countries

Find out more>>

Personal data security

Find out more>>

Data protection policies

Find out more>>

Training

Find out more>>

Organization

Find out more>>

Consultation with supervisory authority

Find out more>>

Pseudonymization

Find out more>>

< Back

< Back
[+] Read More

Request for a proposal

Contact us

Michał Mastalerz

Partner, PwC Poland

Tel: +48 12 433 3510

Email

Arwid Mednis

PwC Legal Partner, Head of TMT/IP and Data Protection, Attorney-at-law, PwC Poland

Tel: +48 510 087 786

Email

Gerard Karp

PwC Legal Partner, Head of TMT/IP and Data Protection, Advocate, PwC Poland

Tel: +48 502 184 707

Email

Marcin Makusak

Partner, PwC Poland

Tel: +48 502 184 718

Email
Follow us
Services Industries Research & insights Media centre Careers About us Contact us

© 2015 - 2019 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.