Protection of personal data, GDPR

The General Data Protection Regulation („GDPR”) entails a change in the philosophy of personal data protection.

It is based on the principles of risk assessment and accountability.

In line with this approach, compliance with data protection rules depends on the nature, scope, context and purposes of data processing, on the risk of infringing the rights and freedoms of data subjects and on the interests of the data controller.

The GDPR came into force on 25th May 2018. It applies directly to all entrepreneurs who process personal data within the European Union.

Every entrepreneur is obliged to ensure ongoing compliance with the Regulation. Compliance is a continuous process, not a one-off assessment.

The GDPR requires implementing a strategy based on data processing risk assessment. It also requires the updating of existing company documentation and procedures.


The GDPR’s accountability principle means that entrepreneurs are responsible for demonstrating their compliance with its rules.

The high financial penalties set out in the GDPR mean that personal data should be a key area of your company’s compliance focus. Fines can be imposed up to 20 million euros or 4% of the company’s annual worldwide turnover.

How we can help?

Contact us

Katarzyna Szczudlik, FIP, LLM, CIPP/E, CIPM

Katarzyna Szczudlik, FIP, LLM, CIPP/E, CIPM



Contact form

    The Controller of your personal data is SSW Pragmatic Solutions Spaczyński, Szczepaniak, Okoń sp.k., ul. Rondo ONZ 1, p. 12, 00-124 Warsaw. Your personal data contained in your form are processed in order to enable us to contact you. The details concerning our processing of your personal data, including your rights connected with your personal data, can be found in our privacy policy available here Privacy Policy.

    If you are interested in obtaining offers and materials concerning the products, services and events of SSW Pragmatic Solutions Spaczyński, Szczepaniak, Okoń sp.k., please indicate your agreement below.