Ready for the new Google Consent Mode v2? Learn more »
Legal, News

Polish DPA on Compliance with the Whistleblower Protection Act


Polish flag with text “Polish DPA provides guidance on Whistleblower Protection Act”

On August 7, the President of the Polish Data Protection Authority (UODO), together with other members of the Authority and external experts, organized a seminar to support companies in the implementation in their business processes. The main points of discussion are summarized here:

Expanding the definition of a Whistleblower

During the seminar, it was clarified that the identity of a whistleblower is not limited to their first and last name. Identity also includes all data that can indirectly identify the whistleblower, such as their place of work.

Types of reports that can be submitted

Questions have been raised about the form in which reports can be submitted and whether verbal methods of communication such as telephone calls, although controversial, are acceptable. However, it is important that whistleblowers can be sure that their identity will not be compromised, regardless of the type of report.

More clarity on the retention period for personal data

The seminar also looked at clear procedures for data retention, as the Whistleblower Protection Act brings ambiguity in this area. The retention period calculated for each breach report can vary depending on the breach reported, making it difficult for companies to implement consistent processes.

What you can do now

If your company operates in the EU Member States and employs more than 50 people, you are required to set up a secure and confidential whistleblowing channel.

consentmanager ’s whistleblower software offers you comprehensive support in complying with the EU Whistleblower Directive, including:

  • Secure and anonymous storage of messages
  • Management of incoming messages
  • Establishment of secure reporting channels

Click here to visit our dedicated page, and get started.


more comments

General

Newsletter 09/2024

New features: Data Subject Rights (DSR) tool The GDPR provides that those affected (such as website visitors, customers or other persons whose data is processed) enjoy certain rights. This includes, in particular, the right to query their rights and obtain information about the data processed. The rights include, among others: Our new DSR tool now […]
consentmanager logo with the text ‘consentmanager is a Google CMP Gold Partner’ on the left side. Gold medal with a ribbon next to a shield with the text ‘Certified CMP Partner’ in Google brand colours.
News

consentmanager achieves Gold Status as Google CMP Partner

consentmanager is pleased to announce that it has been named a Gold Tier CMP Partner within Google’s Consent Management Platform (CMP) Partner Program. This recognition is awarded to us with consideration of the following criteria: The latest development in the Google Partner Program makes CMP implementation easier for our customers. Now you can integrate your consent banner directly […]