by jm | Apr 15, 2026 | GDPR and iGDPR guides for practitioners and beginners
The Data Protection Officer (DPO) is one of the most ambiguous roles in the organisational structure arising from the GDPR. In many organisations, the DPO is simply the person who “does GDPR” — writing documents, conducting training, answering employee... by jm | Apr 15, 2026 | GDPR and iGDPR guides for practitioners and beginners
Every organisation using SaaS systems, cloud services, email marketing tools, CRM platforms, or HR software should ask itself one question: where are my customers’ and employees’ data actually processed? If a vendor’s servers or technical operations... by jm | Apr 15, 2026 | GDPR and iGDPR guides for practitioners and beginners
A GDPR audit is one of those tasks that sounds serious but is rarely carried out regularly in practice. The reason is simple: without proper structure, an audit becomes a one-off exercise — a document review that quickly becomes outdated once it is finished. Yet the... by jm | Apr 15, 2026 | GDPR and iGDPR guides for practitioners and beginners
From 3 April 2026, the amended Act on the National Cybersecurity System (KSC), implementing the EU NIS2 Directive, is in force in Poland. For thousands of organisations across Europe, this means new cybersecurity obligations — regardless of whether they already comply... by jm | Apr 15, 2026 | GDPR and iGDPR guides for practitioners and beginners
Employee personal data is one of the most extensive areas of GDPR in practice — and at the same time one of the most frequently overlooked during implementation. Organisations focus on customer data and forget that the employer-employee relationship generates a broad...