Last week (January 13), the plan for sectoral inspections to be conducted by the Personal Data Protection Office this year was published. It outlines three main areas of focus for the supervisory authority.

Two of them concern the private sector, i.e. banks and organizations that have their own mobile applications.

Bank inspections will concern the personal data of customers and potential customers in the scope of profiling, as well as compliance with the obligation to provide information to loan applicants about the assessment of their creditworthiness.

However, controls on mobile applications are to focus on their proper security and the sharing of personal data by processing entities (processors).

The third area of ​​planned sectoral inspections will concern the public sector. It will cover bodies processing personal data in the Schengen Information System and the Visa Information System.

It's worth noting that the Personal Data Protection Office (UODO) places emphasis on verifying the processing of personal data using new technologies. It's important to remember that mobile applications should be protected by default, even at the design stage, and that the risks and impacts of data processing should be properly assessed. Furthermore, proper verification of so-called processors entrusted by the personal data controller with certain types of personal data processing is crucial.

The UODO announcement can be found at the following link: https://uodo.gov.pl/pl/138/2250

This alert is for informational purposes only and does not constitute legal advice.


|

    Have any questions? Contact us – we'll respond as quickly as possible.

    Post Views: 8