Personal data protection /

New personal data protection law in Poland

There are works pending on implementing the provisions of the EU regulation 679/2016 on personal data protection in Poland (in short: RODO). The Ministry of Digitalization – authority responsible for shaping Polish data protection policy – is responsible for proper implementation of RODO’s provisions.


Despite the fact that as a rule the provisions of EU regulations shall be applied directly, RODO entails several changes to currently binding provisions of Polish personal data protection law. There are more that 130 acts which should be amended after RODO’s entry into force. In this respect there are works pending on new draft of act on personal data protection in Poland.


The draft project of new personal data protection law provides inter alia the following changes:

  • Establishing the new body – Chairman of Personal Data Protection Office instead of General Inspector of Personal Data Protection,
  • More consultative character of Chairman of Personal Data Protection Office,
  • One-instance proceedings
  • Possibility of using biometrics in labour law
  • Digitalization of insurance entities (especially the possibility of expressing consent in digital form instead of written consent).

Stage of works

The project was widely discussed during public consultations. After finalisation of this stage, the draft act was directed to the Polish Committee of European Affairs of Ministers Council. During the next phases of the procedure, it will be subjected to notification of EU bodies and then directed to Polish Parliament.

For more information, contact us on [email protected]

Contact us

Młyńska 16
61-730 Poznań
+48 61 853 56 48[email protected]
Rondo ONZ 1
00-124 Warsaw
+48 22 300 16 74[email protected]
Swobodna 1
50-088 Wrocław
+48 61 853 56 48[email protected]
Opolska 110
31-355 Kraków
+48 61 853 56 48[email protected]
Jana Sobieskiego 2/3
65-071 Zielona Góra
+48 61 853 56 48[email protected]