We have many years’ experience in handing outsourcing and personal data issues and we know that working with other businesses is fundamental to doing business on a large scale. We are aware of our clients’ expectations because we advise both the firms doing the outsourcing and the insourcers. In addition we advise on regulatory issues with regard to outsourcing in regulated sectors and assist with the building of a network of service providers.
Our areas of specialisation include:
- implementation of Polish data privacy regulations and new EU privacy law framework (GDPR, PSD2, NIS, e-Privacy)
- assisting firms which are subject to regulation on the financial markets in regulatory aspects of outsourcing (banks, payment institutions, brokerage houses, investment funds);
- providing services for providers and users of cloud computing services (in all of the cloud models: SaaS, PaaS, IaaS);
- comprehensive legal review of agreements and data flow in complex service provider structures (including within a capital group);
- advising on transfer of personal data to third countries (including The United States and Asian countries);
- advising on legal aspects of data security and access authorisation;
- advising on a full range of issues relating to personal data protection and professional secrecy, including complete reviews of personal data processing in businesses and capital groups;
- drawing up and negotiating outsourcing agreements;
- drawing up a full set of documentation on processing of personal data and outsourcing procedures;
- comprehensive advice to firms which process personal data in marketing activities (for example loyalty schemes, sales support systems, competitions, lotteries, online marketing);
- advising on processing of sensitive data (for example medical records);
- representing businesses before administrative authorities in matters relating to outsourcing and data security (Polish Data Protection Authority (GIODO), Polish Financial Supervision Authority (KNF).