We provide end-to-end legal support for personal data management – from GDPR audits and DPIAs to day-to-day advisory, documentation updates and representation before supervisory authorities. We help organisations respond to cybersecurity incidents and build legally sound compliance and risk strategies. Our expertise extends to intellectual property and new technologies – including licensing agreements, e-commerce frameworks, telemedicine and AI applications. We work with IT companies, digital health providers and startups to ensure their innovations are protected, compliant and future-ready.
Data protection
- GDPR audits and implementation
- analysis of data processing activities
- review, drafting and implementation of required procedures and documentation
- preparation and updating of ROPA (Record of Processing Activities)
- definition of risk assessment methodologies and preparation of risk analyses
- preparation of DPIAs (Data Protection Impact Assessments)
- review and adjustment of data processing agreements to GDPR requirements
- advisory on data transfers outside the EEA
- preparation of TIAs (Transfer Impact Assessments)
- acting as a DPO (Data Protection Officer) within the organisation
- review of new projects and business areas for compliance with the GDPR and other data protection regulations
- ongoing substantive support for individuals responsible for data protection within the organisation, as well as day-to-day assistance for employees in fulfilling their obligations arising from internal organisational documents
- review and drafting of new documentation related to personal data processing
- preparation, analysis and negotiation of data processing agreements
- periodic employee training sessions
- periodic review and updates of data processing documentation (including records, privacy notices, consent clauses, policies and procedures), as well as periodic updates of risk analysis and DPIA recommendations
- representation and substantive support in court and administrative proceedings related to personal data processing
- substantive support in communications with data subjects, public authorities, NGOs, industry organizations and the media in all matters related to personal data processing by the company
- cybersecurity incidents
- assessment of legal risks and support in building response strategies
- coordination of expert and crisis team activities
- representation before supervisory authorities and law enforcement agencies
- legal assistance in relations with affected individuals and business partners
- cooperation with PR specialists and insurers
- conducting proceedings before the president of the Personal Data Protection Office and the courts
IP and New Technologies
- advisory on Polish and EU intellectual property law
- drafting and negotiation of licensing agreements and IP transfer agreements
- advisory on the protection of image, reputation and good name online
- legal support for IT companies and start-ups
- advisory on e-health, telemedicine, secondary use of medical data, digitalisation of healthcare providers, modern medical devices and mobile applications
- preparation and negotiation of agreements on software and technical infrastructure (including implementation, warranty, maintenance and licensing agreements)
- drafting of terms and conditions, contracts, clauses and declarations required for e-commerce, website operations and the provision of services electronically
- advisory on electronic services and liability of service providers
- advisory on online payment systems