Karolina Romanowska
The gig economy: Digital platform workers vs. personal data
25.01.2024
data protection
In recent years, the gig economy, based on a model of flexible employment using online platforms, has grown rapidly. In the EU, it is estimated that 43 million people will be employed through such platforms in 2025. A heated discussion is underway regarding the new regulations in this sector, in particular regarding the employment model for such workers, but also about making automated decisions regarding them using various types of algorithms. What should the organisers of job platforms keep in mind in light of the GDPR? We discuss this using the example of decisions on food delivery platforms issued by the Italian Data Protection Authority.
“Bossware” under labour and data protection law
12.01.2023
employment, data protection
The proliferation of remote work, combined with the development of monitoring technologies, has led employers around the world to implement various, sometimes technologically advanced methods to check employees’ performance and commitment to their work. In this area, IT solutions and programs commonly called “bossware” are gaining popularity.
Remote work vs. personal data processing
15.12.2022
employment, data protection
The upcoming amendment to the Labour Code on remote work is expected to comprehensively regulate a number of issues and relationships between employer and employee, significantly changing the existing legal landscape for performing work from home. The amendment also touches on issues of processing of personal data. Although work on the bill is still underway, it appears unlikely that the provisions discussed below will change significantly, so it is already worth taking a closer look at them.
Standard contractual clauses need to be updated by 27 December 2022
17.11.2022
data protection
Entities transferring personal data outside the European Economic Area on the basis of standard contractual clauses that are no longer in force (where the transfer began before 27 September 2021) should conclude agreements based on new clauses by 27 December 2022.
The Polish data protection authority will inspect compliance with the regulations on data protection officers
30.03.2022
data protection
A list of questions has been published on the website of the Personal Data Protection Office on compliance with the GDPR provisions on data protection officers. These issues will need to be addressed by data controllers and processers summoned by the data protection authority.
Are you drafting a whistleblowing policy? Don’t forget about personal data
02.12.2021
employment, data protection
Work is underway on a bill implementing the EU’s Whistleblower Directive (2019/1937). It is not yet clear whether the directive will be implemented into Polish law on time (by 17 December 2021), but many companies are already drafting the necessary documents and organisational procedures.
What does your video game know about you? Data processed by the gaming industry
12.08.2021
gaming, data protection
Many entities in the gaming industry believe that they process little or no personal data. This belief can be misleading. We discuss what gaming companies should look out for in practice to avoid the risk of financial penalties
What is the right to personal data?
14.01.2021
new technologies, data protection
When seeking inspiration for the future legal status of data, it is worth taking a closer look at how the right to personal data has been shaped. In particular, we could consider whether it is a property right and whether the current legal framework for the right to personal data corresponds to reality and meets our needs.
Marketing communications to individuals: What’s the story with consent?
27.02.2020
data protection
Most businesses react nervously when they hear the letters “GDPR,” as in their view the regulation gets in the way of performing their day-to-day work, particularly marketing. At the same time, many businesses get lost in the tangle of regulations they are supposed to follow if they wish to lawfully direct marketing communications to individuals. What issues cause them the most difficulty?
GDPR-compliant websites
27.02.2020
data protection
Ensuring the transparency of websites is vital from the perspective of the GDPR. Persons entering a website must be aware of how their personal data will be processed on the site and for what purpose.