By Deb Gray
Our friends at KL&M Law, in Warsaw Poland, were kind enough to share unpublished decisions from the data protection authority (DPA) of Poland (UODO) that they obtained as part of a recent information request. The unpublished decisions involve controllers who received reprimands from the DPA related to non-compliance with the General Data Protection Regulation (GDPR). KL&M received almost 200 previously unpublished decisions from the DPA, which KL&M analyzed to determine DPA focus areas and potential impacts for companies who rely on personal data processing in their business models. The resulting report, on nearly 80 decisions, is divided into thematic sections: Marketing, Financial sector, Insurance sector, COVID and health information, Publicly available data, Labor issues, Claims, Video surveillance, Personal data breach, and Miscellaneous. Our thanks to Marcin Lewoszewski at KL&M for sharing this valuable resource!
Deb Gray is a Senior Privacy Analyst at Hintze, with over two decades of wide-ranging experience in privacy and data protection matters.
Hintze Law PLLC is a Chambers-ranked privacy firm that provides counseling exclusively on global data protection. Its attorneys and privacy analysts support global technology, ecommerce, advertising, media, retail, healthcare, and mobile companies, organizations, and industry associations in all aspects of privacy and data security.