Accounting Services for Business

rss iconRSS


/ Taxes and Law in Poland

Important Data Protection Act 2018 amendment – are you aware?

Date23 Nov 2017

Dear Ladies and Gentlemen,

We kindly request you to familiarise yourself with a very important change in the data protection legislation in Poland.

On 28th May, 2018 expires the deadline for implementation of the data protection environment in a given corporate organisation to the provisions of the Directive of the European Union (EU) and the Council of the European Union nr. 2016/679 dated 27th April, 2016, covering the scope of the protection of private individual’s vis-à-vis the processing of personal data, and the free movement of such data, herewith repealing Directive 95/46/EC (also commonly referred to as ‘General Data Protection Regulation’ or ‘GDPR’).

Implementation of the provisions of this regulation will be mandatory for all companies processing personal data. GDPR broadly defines personal data processing as collection, recording, filing, organisation, structuring, storing, adaptation, modification, retrieval, view and consultation, disclosure by transmission/dispatch, dissemination or any other similar manner of making information available, alignment, joining, restriction, removal and destruction. All these actions previously mentioned imply that the majority of companies, doing whatever sort of operations linked with personal data, are going to be obliged to introduce in their given corporate organisation such solutions which are in line with the GDPR.

Financial penalties for non-compliance with the provisions of the GDPR run up to €20,000,000 or 4% of the total annual turnover achieved in the previous year. Furthermore, it should be highlighted that in accordance with Article 26 of the project on the ‘Data Protection Act’ (provided its’ subsequent resolution and entering into force), the Chairman of the Polish Data Protection Agency, in any documented case of acknowledgement of infringement on personal data protection regulations, can either temporarily or entirely proscribe the processing of personal data to corporates, which in its’ subsequent consequences might entail a serious barrier and stumbling block to the operations of many companies.

Provided that you, dear ladies and gentlemen, take already in your own sphere of responsibility proper action as to prepare yourself to the New Data Protection Act and the related to it challenges, then please consider our information only as a gentle reminder.

If you nevertheless take into consideration the use of professional advisory for the above mentioned topic, please contact your getsix® Partner to discuss further steps to be taken to make Your organisation fireproof vis-à-vis the new directive.

Having brought forward this recommendation, please kindly note that getsix® does not provide you with any legal advisory services, but we can of course put you into contact with law offices with whom we are co-operating for many years, and whom we have as part of our ‘competence network’ due to their expertise and reputation.

If you have any queries or questions regarding investing in Poland, please do not hesitate to contact getsix®.

To find out more information please visit

Yours sincerely,
getsix® Team