Experience – Data Practice — Data Economy

Go to content
Change language to PL Change language to EN
zh cs fr de it ja ko ru es UA
Data Practice — Data Economy
Check out our posts
[ in principle ]
Continuously updated
GDPR commentary
What we do > Practices > Data Practice —... > Experience

Selected experience

  • We provide comprehensive legal support to renowned international companies on data breaches (including notifications to the data protection authority and data subjects, analysis of contracts with business partners and internal procedures).
  • We prepared a data processing agreement concerning recruitment services for a company from the FMCG sector.
  • We provide ongoing legal support to clients in the aviation sector concerning data protection in HR, in particular related to background checks.
  • We provide legal support to medical device companies on processing of personal data in clinical trials (including sharing and reuse of clinical trial data).
  • We have provided comprehensive legal support for numerous clients from the pharmaceutical sector, in particular drafting data protection clauses (including consent and information clauses) in clinical trial agreements.
  • We prepared a legal opinion on the permissible scope of personal data processing for direct marketing by a multinational corporation starting business in Poland.
  • We prepared a structure of data flows (including data flows outside the European Economic Area) for an international capital group.
  • We prepared comprehensive documentation under the General Data Protection Regulation (including drafting of a privacy policy and cookie policy) for an international e-commerce platform.
  • We prepared a legal opinion on the necessity to appoint a data protection officer under the GDPR for an entity from the IT sector.
  • We advised on data processing issues connected with cooperation with an employment agency.
  • We developed a balancing test concerning security measures for a large manufacturing company.
  • We advised an international group on the rules for processing and conditions for transfer of employees’ personal data between companies in the group, including affiliates in third countries, for the purpose of launching a centralised HR management system.
  • We have advised numerous clients offering electronic services, including adapting companies’ privacy policies to comply with legal requirements.
  • We provided data protection advice in connection with liquidation of subsidiaries of a Dutch client in other European jurisdictions and replacement of the subsidiaries by branches of the corporate client. We identified the data controllers in the revised structure and prepared documentation for making the relevant notifications and changes in the national data protection authority’s register of filing systems.
  • We regularly advise financial institutions on processing of personal data, including data subject to special confidentiality regimes (e.g. banking and payment secrecy). Our advice particularly involves the possibility of transferring data to third parties, processing of data in the cloud, and processing of data in relation to outsourcing.
  • We advised a payment organisation in connection with processing of personal data for purposes of loyalty programmes and targeted marketing.
  • We advised an international capital group on processing of personal data of customers, suppliers and employees, in connection with outsourcing of financial services (including to third countries).
  • We have advised a financial institution on:
    • Protection of personal data in connection with the use of visual monitoring
    • The permissible scope of gathering personal data from employees and job candidates
    • The permissible scope of collection of personal data of customers.
  • We advised a bank on the permissibility and conditions for using automated instruments for processing personal data of job candidates at each stage of recruitment.
  • We advised a telecommunications company on the conditions for processing of personal data gathered via medical devices used for telemedicine.
  • We have represented clients in proceedings initiated by the Polish data protection authority as a result of inspections.
  • We have represented clients in proceedings before the Polish data protection authority seeking approval of binding corporate rules.
  • We advised one of the country’s largest chains of furniture stores in connection with flows of personal data during a corporate reorganisation within the group.
  • We advised the acquirer of one of the country’s largest supermarket chains in examining the level of GDPR compliance of the acquired company.
  • We provide ongoing advice on data processing rules for anti-money-laundering and know-your-customer purposes. We provide opinions on issues such as the permissible scope of data processing, data retention periods, and the possibility of sharing data on suspected money laundering.
  • We advise leading automotive manufacturers on development of models for processing telemetric data generated by vehicles.
  • We provide ongoing advice on processing of telecommunications data, including special data retention requirements for telecoms.
  • We advised an international corporate group on structuring a system for managing the risk of sanctions and related processing of personal data.
Check out our posts
[ in principle ]
Continuously updated
GDPR commentary
Practices
more