Regulations on the processing of personal data require not only preparation of appropriate documentation, but also drafting and implementing of proper procedures. This is because of the obligation to use such technical and organizational safeguards that will ensure their adequate protection.

That’s why every business should consider preparing internal personal data protection rules tailored to the realities of the industry and the business, including on fulfilling information obligations, data management, granting authorizations, responding to detected violations, or fulfilling requests from data subjects.

JWMS lawyers have many years of experience, supported by dozens of implementations and audits of personal data protection. On the basis of projects carried out for companies in various industries, we have developed proven methods of conducting audits and implementing documentation that allow us to reach a compromise between the requirements of complex regulations and the achievement of our clients’ business goals.

As part of our data protection practice, we offer, among other things:

• conducting an internal audit, in which we map the organization’s data processing processes, identify risks, check the correctness of existing documentation and verify the compliance of the procedures used with the law,
• preparing, updating and negotiating contracts, regulations, instructions, privacy policies and other documents used in relations with clients, employees or contractors,
• legal advice on ongoing or planned business activities related to the processing of personal data (introduction of new services or products, starting cooperation with a foreign contractor, organizing marketing campaigns, purchasing databases, etc.),
• preparation of legal opinions on key topics related to personal data protection taking into account the specifics and challenges of a particular industry,
• training of employees and managers on the principles of personal data protection in the company,
• assistance in the event of the detection of a personal data protection breach, including support in the proper qualification and documentation of the breach, preparation of a notification to supervisory authorities, assessment of the risks associated with the breach, preparation of the necessary reports and communications,
• conducting disputes and negotiations, and representation before courts and authorities in personal data matters,
• support in preparing for an audit by the Office for Personal Data Protection and assistance during the audit.

We encourage entrepreneurs who want to focus on their business instead of analyzing regulations, and who prefer to entrust taking care of legal security to professionals, to contact us.