Data protection

The business activity of our clients generally entails data processing. The regulation of data processing, the exclusion of related risks, and to answer the questions in connection with data processing are ongoing demands of our clients.

The services of our office in the field of data protection are aimed at serving these needs. We provide strategic advice to our clients, enabling them to identify and manage the relevant risks. We also assist our clients when specific issues relating to data protection arise. Our team prepares the documents necessary to ensure compliance.

Based on our knowledge and experience in insurance law, capital market law and laws regulating financial intermediaries, we provide industry-specific legal advice in data protection issues to companies providing services on related markets.

In the course of providing our services, we pay particular attention to finding a balance between the protection of privacy and the business interests of our clients.

Our services


We start our legal support by reviewing the contractual relationships and business activities of our clients to identify the tasks and the risks arising from managing personal data. As a result, we suggest the steps that need to be taken to comply with the regulatory requirements. We provide support at all stages of the implementation as well.

In our work, we regularly provide data protection advice on complex activities and activities which are considered highly sensitive from a data protection point of view.

Drafting data privacy documents

Compliance with data protection rules requires the use of notices and other regulatory documents (e.g. internal data protection policy, data protection notice, declaration of consent, data processor contract, joint data processing agreement). In light of our clients' data processing activities, we help them to prepare the necessary documents or update their documentation to ensure compliance.

Recent transactions:

  • contribution to preparing internal data protection legislation for an insurance company with an international background;
  • preparation and review of data processing agreements for data processors or controllers carrying out different activities;
  • drafting data privacy notice for clients to be used by companies mainly providing services on the financial, capital and insurance markets, but also for companies with other profiles concerning their comprehensive or case-by-case data processing activities;
  • drafting data privacy notice for employees;
  • contribution to developing internal data managing processes and preparing the corresponding documentation;
  • counselling on personal data breaches, exercising the data protection rights;
  • providing legal support to developing the scheme for processing data for marketing purposes and preparing the relating documents.