Karolina Romanowska
Karolina Romanowska, adwokat, handles issues of data protection and employment law. She has experience adjusting HR documentation to the requirements of the General Data Protection Regulation for a number of leading companies from the sectors of logistics, food, sport, and financial services. She advises HR departments in negotiation of contracts involving processing of personal data. She also participates in corporate due diligence.
GDPR rules require certain entities to appoint a Data Protection Officer. Where an organisation considers that such an obligation does not apply to it, it should properly document this.
read more
Many employers believe
that they have the right to require their employees to provide information on their
disability. This is because employers have an obligation to ensure that
employees with disabilities can exercise particular privileges. The Personal
Data Protection Office ('PDPO') examined
this issue in its position paper
published on 24 August 2020, where it reminded that it is up to the employee to
decide whether or not to provide such information.
read more
In
its paper published on 30 June 2020, the Data Protection Authority (“DPA”) expressed
the view that the data of management board members representing a legal person
are protected by the GDPR as the data of natural persons who are identifiable by
using data disclosed in the National Court Register.
read more
According to the
Personal Data Protection Authority (“DPA”), employers may not process
employees' biometric data to record working time. However, this does not mean
that employers may not use such data for other purposes.
read more
The dangers caused by COVID-19 result in many employers unilaterally introducing measures to protect their employees from falling ill with the virus. For example, they measure their temperature before they enter the workplace or ask them to complete declarations stating where (in which country) and with whom they spent their holidays. As a result, a number of personal data is collected, including special categories of personal data (concerning health). An extraordinary situation, however, does not entitle employers to take completely arbitrary action.
read more
Almost two years have passed since the GDPR came into being and yet many employers are still unaware that special regulations were introduced to the Workplace Social Benefits Fund Act which impose on them numerous obligations related to the processing of personal data for the purposes of granting benefits from the Workplace Social Benefits Fund (Zakładowy Fundusz Świadczeń Socjalnych, ZFŚS).
read more