Poland
| OVERVIEW | Data protection in Poland is governed by the Act on the Protection of Personal Data (1997) and fulfills Poland's obligation as an EU Member State to implement the EU data protection directive. There are also several other laws that address privacy and data protection in Poland. |
| ENACTED | Protection of Personal Data Act |
| GENERAL PRIVACY LAWS | Protection of Personal Data Act |
| PERSONAL DATA PROTECTION LAWS AND REGULATIONS | Governed by the principles of the Protection of Personal Data Act. |
| TYPE OF DATA PROTECTED | Personal data. |
| WORKPLACE PRIVACY LAWS | Chapter 7 of the Protection of Personal Data Act |
| TRANSBORDER TRANSFERS | Civil and criminal sanctions, including imprisonment for up to 3 years. |
| FINES AND SANCTIONS |
Chapter 6 of the Protection of Personal Data Act requires data controllers to register before processing personal data. The Banking Act of 1997 is the principal legislative instrument regulating the banking and finance industry in Poland. The Banking Act states that banks and all staff and other people involved in banking operations are bound by the obligation of banking secrecy. This includes "all information concerning a banking operation, where such information is obtained during negotiations, conclusion and performance of an agreement under which the bank performs such operation".3 As this is a very broad definition, it presumably includes customer information. |
| OTHER PRIVACY LAWS AND REGULATIONS | Data protection in Poland is governed by the Act on the Protection of Personal Data (1997) and fulfills Poland's obligation as an EU Member State to implement the EU data protection directive. There are also several other laws that address privacy and data protection in Poland. |
