• EN
    • DE
  • Login
Consent Management Platform
Consent Management Platform (CMP) Usercentrics
  • ProductsHolistic Consent Management Software
    • Website Consent Management
    • Mobile Consent Management
    • AMP Consent Management (BETA)
    • Smart Data Protector
    • Automatic Privacy Policy
  • Solutions
    • GDPR
    • CCPA
    • CMP for Publishers
  • Pricing
  • Resources
    • Developer Documentation
    • Videos
    • FAQ
    • Knowledge Hub
    • Whitepaper
    • Webinars
    • RFI Template
    • What’s new?
  • Partner
    • Find a partner
    • Become a partner
    • Tech Partner
    • Expert Partner
    • Reselling Partner
    • Referral Partner
  • Company
    • About us
    • Career
    • Press
    • Events
    • Contact
  • CONSULT AN EXPERT NOW
  • Menu
GDPR Compliance
August 31, 2020 | 2 min read

Poland: New data protection regulations including consent under GDPR

Resources
Knowledge Hub
Poland: New data protection regulations including consent under GDPR

Table of contents

Show more Show less

Recently, Poland’s Data Protection Authority “UODO” has announced major changes in the legal basis for processing data. Therefore, consent is only the foundation for legitimate processing when there are no other legal grounds. However, if the consent is applicable, it must meet certain conditions in order to effectively constitute the basis for processing.

What is the current situation?

Only if “essential” tags are not the basis for data collection, consent can be the basis for processing personal data whilst meeting certain relevant conditions as provided by articles 4 (11) and 7 of the GDPR. 

Consent given before personal data is being processed should be explicit, specify the person giving his or her consent, show whose personal data is made available for how long and to whom, and inform about the purpose of the processing. The website owner is obliged to ensure that his activities comply with the principles governing the processing of personal data, in particular articles 5 and 7 of the GDPR.

New regulations from now on

It is crucial to remember that it is not allowed to force users to give their consent as such consent is not valid under GDPR. It should be recalled that we are dealing with forced consent when the consent clause is stated between many other points of the agreement. Forced consent also exists when a public or non-public institution performing a public task makes its activities subject to consent.

Withdrawal of consent

According to article 7 (3) GDPR, consent may be withdrawn at any time. The provision requires the website owner to inform the user of this right before giving his or her consent. Also, withdrawing consent must be as simple as giving it and possible in the same way.

Approval for marketing contact

Businesses should be particularly vigilant when it comes to their different marketing activities: While consent is not required for direct marketing, the situation changes when this form of communication is done by telephone as this is prohibited without prior consent.

Default settings

It should also be noted that any model which takes advantage of the passivity, silence or carelessness of the person whose personal data is being collected or setting pre-ticked boxes is unacceptable and consent gathered in this way is considered invalid. The person giving consent has to take affirmative action, to consent to the specific processing of his or her personal data. The user has to make the decision himself and consciously make a choice. Pre-ticked boxes can be easily overseen through inattention and rush.

Which actions should be taken by any company?

  1. Get an overview of all the data you are collecting and storing and find out whether you have to care about proper data security management.
  2. Check your system for possible leaks. You cannot only be charged a fine in case data is stolen but already if there is an existing data leak. Those GDPR violations can be detected with very little technical knowledge by competitors or users.
  3. Collect and manage your user’s consent. This can easily be done by implementing a Consent Management Platform (CMP). 

What are the benefits of a CMP?

✔ Collecting and storing consents in accordance with the law ⇨ Minimize your legal risk

✔ Audit proof documentation ⇨ Proof you did obtain your data the compliant way in case of an audit

✔ No loss of data ⇨ Protect your advertising revenue

✔ Boost of your user’s trust ⇨ Get ahead of your competitors by managing your user data transparently

 

You want to know more about the Usercentrics CMP?

Request a demo

 

DISCLAIMER

The decision to implement a data protection-compliant CMP is ultimately at the discretion of the data protection officer and/or the legal department. These statements do not constitute legal advice. They merely serve to support and inform you about the current legal situation with respect to the implementation of a CMP solution. Please consult a qualified lawyer should you have any legal questions.

Related Articles

The latest ePrivacy Regulation: when will it come, what will change, and how can companies get prepared?
February 24, 2021
6 min read
GDPR ComplianceMarketing & GDPR

The latest ePrivacy Regulation: when will it come, what will change, and how can companies get prepared?

Are you looking forward to the end of the ePrivacy Regulation? After all, the discussion about a Europe-wide, uniform...

Read more
How to create a GDPR-compliant newsletter in 3 simple stepsNewsletter-3-steps
December 1, 2020
7 min read
GDPR ComplianceUsercentrics Best-Practices

How to create a GDPR-compliant newsletter in 3 simple steps

Download a whitepaper for free but only if you sign up for the newsletter – many websites offer this...

Read more
Obtaining user consent: these five tricks are not GDPR-compliantUsercentrics - Obtaining user consent: these five tricks are not GDPR-compliant
June 22, 2020
5 min read
GDPR ComplianceGDPR Opt-in

Obtaining user consent: these five tricks are not GDPR-compliant

Consent is the new gold in online marketing because data without consent will be worthless in the future. But...

Read more

Next Steps

Scan your website

Scan your website

Check your privacy compliance
Request a demo

Request a demo

Schedule for free
Get started

Get started

See our pricing

Legal Update

Always up-to-date: With our legal update, we keep you up to date with the latest trends around data protection.

Products

  • Website Consent Management
  • CMP for Publishers
  • Mobile App Consent
  • Automatic Privacy Policy
  • Smart Data Protector
  • AMP Consent Management (closed beta)

Resources

  • Whitepaper
  • Case Study
  • On Demand Webinars
  • Live Webinars
  • Knowledge Hub
  • RFI Template
  • Videos
  • FAQ
  • Developer Documentation

About Us

  • Who we are
  • Career
  • Press
  • Events
  • Contact

Our Mission

Helping companies to achieve compliance in harmony with their marketing strategy.

Legal

  • Legal Notice
  • Privacy Policy
  • Terms and Conditions

Address

Usercentrics GmbH
Sendlinger Straße 7
80331 Munich
Germany

© Copyright 2021 Usercentrics

This website and all services provided by Usercentrics are not intended for users and companies outside of the European Union, U.K. or Switzerland.

Brexit and the ICO Guidelines on Cookie Consent: How to be compliant after the... Brexit - ArticleBrexit - Article Google Analytics ImageGoogle Analytics Image Stricter requirements for the use of Google Analytics
Scroll to top