Where will I find accessible legal information?
DZP's media centre.
The leading positions in CEOWORLD magazine’s Top 10 Most Valuable Brands ranking (2019) are held by Apple, Google, Amazon, Microsoft, and Samsung. I have no doubt that the next ranking will confirm the domination of these companies, with several more probably being added to the list, e.g. facebook.
What all these companies have in common is that they are building up their position by collecting and using huge customer information. It is as though the digital world needs fewer real products and services and feeds on information instead. Covid-19 and compulsory isolation have probably reinforced this trend.
Thus, data, including personal data, are constantly circulating around the globe and in ever increasing quantities. At the same time, threats to privacy are growing, and at different levels. In the last few days alone, CNN has reported several times on hacking attacks (compromised Twitter accounts belonging to Joe Bidden, Barack Obama, Bill Gates, Elon Musk and Apple; Russian hacking group APT29 attack on Covid-19 research centres).
Aware of these risks, global democracies have been striving for years to protect personal data, though they are doing so in different ways. From this perspective, the EU traditionally deems that the European model is exemplary on a global scale, and that specific requirements have to be met for data to be transferred to countries outside the EU (including the USA, Australia, China and India (“third countries”).
The European Commission (the EC, i.e. the executive branch of the EU) may facilitate the transfer of personal data from the EU to third countries, inter alia, by adopting adequacy decisions (determining that a country outside the EU offers an adequate, i.e. European-like level of protection). The EC has so far recognised, among others, Argentina, Canada (commercial organisations only), Israel, Japan, New Zealand and Switzerland as providing adequate protection. The USA also used adequacy decisions (Privacy Shield framework) to a certain narrow extent until 16 July. Moreover, the EC is authorised to adopt standard data protection contractual clauses (SCC) providing adequacy protection comfort. To date, copying and pasting these SCC into a commercial contract has been considered sufficient to ensure the legality of the transfer of data out of the EU.
On 16 July 2020, the highest European court – the Court of Justice of the EU (the CJEU) dealt a significant blow to the instruments identified to improve the transfer of data outside the EU.
Final conclusions
The article is available at the CEOWORLD magazine website.
From 25 May 2018 the General Data Protection Regulation (GDPR) applies in Poland and other European Union countries. We would therefore like to give you several details on the subject of how DZP processes personal data.
The administrator of the personal data is Domański Zakrzewski Palinka Sp.k. (“DZP”; address: Rondo ONZ 1, 00-124 Warszawa). Data are processed for contact purposes and to impart information on changes to provisions and authority practices and on other issues, including events concerning day-to-day legal, economic and cultural issues, inter alia, by sending DZP newsletters. The above is carried out on the basis of legitimate interests, i.e. in accordance with art. 6(1)(f) of the GDPR. Data can also be processed where necessary for the conclusion or performance of a contract and for compliance with a legal obligation to which DZP is subject, i.e. pursuant to art. 6(1)(b) and (c) of the GDPR. Data can be transferred to entities with whose help DZP achieves the indicated aims, including entities maintaining IT infrastructure. Giving data is voluntary and in contractual relations is a requirement for concluding and performing a contract. It is possible to object to data processing, request access to, rectification and erasure of personal data or restriction of processing and data portability. Data are kept until an objection is made, and in contractual relations – throughout the term of the contract and thereafter for a period specified in provisions on archiving and limitations period for claims. Anyone has the right to file a complaint with the President of the Personal Data Protection Office. Questions concerning privacy at DZP can be sent to DZP’s Data Protection Inspector, Macieja Maciejewskiego, at: iod@dzp.pl.
New rules on cookies: Domański Zakrzewski Palinka sp.k., as the service provider of the www.dzp.pl website, stores and accesses cookies, i.e. small text information fles sent by a web server and stored on your hard drive, or other data storage medium of a user, for the purposes of: proper functioning of the www.dzp.pl website, confguring the www.dzp.pl website, security and reliability of the www.dzp.pl website, session monitoring, providing advertisements, personalization of the displayed information to the user, or analysis, statistics, research and website trafc auditing.
You can specify the conditions for storage of or access to cookies via your browser settings. Consent to the storage of or access to cookies by Domański Zakrzewski Palinka sp.k. on your device, is acknowledged by the settings of the browser installed on your device. For more information, see our cookie policy.