Od 25 maja 2018 r. organem właściwym w zakresie ochrony danych osobowych jest Prezes Urzędu Ochrony Danych Osobowych. Nowa strona internetowa urzędu jest dostępna pod adresem: www.uodo.gov.pl.

Materiały zamieszczone na stronie Generalnego Inspektora Ochrony Danych Osobowych (GIODO) dostępnej pod adresem www.giodo.gov.pl mają charakter archiwalny.


Responsibilities of the Inspector General for Personal Data Protection

Responsibilities of the Inspector General for Personal Data Protection are provided for by the provisions of the Act of 29 August 1997 on the Protection of Personal Data (i.e. Journal of Laws of 2015, item 2135).

Pursuant to these provisions the Inspector General for Personal Data Protection shall be entitled to:

  • supervision over ensuring the compliance of data processing with the provisions on the protection of personal data,
  • issue administrative decisions and consider complaints with respect to the enforcement of the provisions on the protection of personal data,
  • ensuring the obligors’ fulfillment of non-pecuniary obligations arising under the issued decisions, by the means of enforcement measures foreseen in the Act of 17 June 1966 on enforcement proceedings in administration
  • keep the register of data filing systems and provide information on the registered data files,
  • issue opinions on bills and regulations with respect to the protection of personal data,
  • initiate and undertake activities to improve the protection of personal data,
  • participate in the work of international organisations and institutions involved in personal data protection.

In case of any breach of the provisions on personal data protection, the Inspector General ex officio or upon a motion of a person concerned, by means of an administrative decision, shall order to restore the proper legal state, and in particular:

  • to remedy the negligence,
  • to complete, update, correct, disclose, or not to disclose personal data,
  • to apply additional measures protecting the collected personal data,
  • to suspend the flow of personal data to a third country,
  • to safeguard the data or to transfer them to other subjects,
  • to erase the personal data.

Should the inspection reveal that the action or failure in duties of the head of an organisational unit, its employee or any other natural person acting as the controller bears attributes of an offence within the meaning of the Act, the Inspector General shall inform about it a proper prosecuting body, enclosing the evidence confirming his/her suspicions.

Last news