GDPR - four mythical letters that revolutionized entrepreneurs' approach to personal data. Starting from calling patients by number to careful planning of advertising campaigns, GDPR has complicated the way many businesses operate.

Moreover, GDPR is still a topic that is poorly understood, treated by most people as something unnecessary, rather a source of potential problems and traps than a regular procedure that needs to be implemented in a company like many other things.

But it doesn't have to be that way. GDPR is a set of activities, a process that can be implemented in a company like any other customary action. Sending mail in your company is probably not something you have to be particularly vigilant about or something that keeps you up at night. And the same can be true of GDPR.

What every company that processes personal data (and therefore almost every company) needs is careful planning of GDPR actions as a daily process, as a series of recurring events and activities. If you approach the subject in this way, GDPR will stop being a nuisance and become an ordinary everyday activity.

However, to navigate the intricacies of the GDPR regulation, you need to prepare the appropriate mapping of data flows, ensure that every employee or contractor has the appropriate authorization to use the data, properly configure marketing processes, or finally conduct a risk analysis related to data processing in the company.

This should be done in a personalized way, tailored to the specific needs and goals of the company, as well as the tools the company uses.

At our law firm, we understand how important it is to implement GDPR in a way that is certain, grounded, and gives entrepreneurs the confidence that the matter is handled properly.

We also understand the importance of a smooth implementation of GDPR for the company, and that compliance with data protection regulations is another obligation in the company that should happen in the background and not complicate current activities.

That's why for years we have been helping our clients navigate the intricacies of GDPR regulations and personalize all its elements to meet the specific needs and goals of their businesses.

Daily legal support and all activities in the area of data protection are just a part of what our law firm offers. We will help you plan the personal data processing process, simplify it, implement it in the company, but also take care of all registers, perform internal supervision, or advise on contracts with other entities.

We invite you to contact us. We will help you protect your personal data and together we will tackle, among other things, legal issues related to personal data protection.

We provide a professional and individual approach to issues related to the current directive on the protection of personal data (GDPR).

Implementing GDPR in a company does not have to involve drastic changes to the entire document circulation if it is carried out in a precise and thoughtful manner. Our lawyers have many years of experience, which they have successfully used in many large-scale projects. The data protection regulation is not alien to us.

In addition, we will help you smoothly flow and update data after implementation - usually, this issue is put aside somewhere and after a year, it turns out that data protection in the company needs to be updated again. With our help, you will keep the procedures up to date and ensure the security of your data.

We offer activities in the field of personal data protection that will certainly significantly simplify the administration, marketing and sales activities of the company:

  • conducting audits of compliance with GDPR and other regulations;
  • a full scan of the company to describe all processes in which personal data is used;
  • mapping the flow of personal data for optimization or supervision purposes;
  • checking and evaluating the current GDPR documentation;
  • preparation of the necessary documentation (Privacy Policy, Record of Processing Activities, Security Policy, information clauses);
  • analysis of areas in the scope of personal data processing that are susceptible to threats;
  • GDPR trainings in both, on-site and online form, together with permanent access to e-books with a summary of all matters for all employees of the company;
  • preparation and implementation of the Register of Data Processing Activities and procedures;
  • preparation and implementation of data processing agreements together with recommendations concerning their application and monitoring of its observance;
  • taking on the role of Data Protection Officer in the company – based on DPO outsourcing;
  • preparation of internal acts and orders of the company in the field of personal data protection;
  • preparing notifications of a personal data breach to the supervisory authority (PUODO);
  • representation during the PUODO inspection, in proceedings before PUODO and before administrative courts;


We service
We're an official Partner of the Startup Podbeskidzie Foundation


What our Partners say about us