Katarzyna Syska

Attorney-at-lawCounsel

Bio

Katarzyna Syska specializes in personal data protection law and in a broad range of new technologies law issues. She advises companies in various sectors, especially e-commerce, IT, insurance, banking, and the medical sector. Before joining the Law Firm, Katarzyna worked at another law firm, where she handled data protection, e-commerce, and intellectual property cases. She spent almost two years working in Brussels, where she dealt with European policy concerning data protection law, ICT regulation and intellectual property. She was an intern at the European Commission, at the Directorate-General Justice.

Katarzyna is a member of the International Association of Privacy Professionals and SABI – the Association of Data Protection Officers.

She is an author of many articles concerning privacy and data protection law, including the Guide on the GDPR for lawyers. She speaks at conferences and training in Poland and elsewhere.

She is a graduate of the Faculty of Law and Administration at the University of Warsaw, and spent a year at the Faculty of Law at the Robert Schuman University in Strasbourg, France. She also holds a certificate in American Law Studies awarded jointly by the University of Warsaw and Florida University. She completed postgraduate studies in ICT and media law (magna cum laude) at the Catholic University of Leuven, Belgium.

She is fluent in English and speaks French.


Related news

Blog 6
12 Sep 2023

The European Commission has issued a decision on the adequate level of protection under the EU-US Data Privacy Framework

The Commission’s decision of 10 July, 2023, on the adequate level of protection of personal data under the EU-US Data Privacy Framework restores legal certainty for businesses that transfer personal data to US-based entities in the course of their activity.

21 Dec 2022

Privacy issues in new rules on remote work and sobriety checks

New rules on remote work and sobriety checks at the workplace will soon be adopted. Employers will be required to adopt internal regulations on remote work and a procedure for the protection of personal data when work is performed  remotely. As for sobriety checks, employers will need to add sobriety check rules to work regulations and will be allowed to collect limited employee data in this respect.

28 Oct 2022

The Polish DPA fines a controller for not verifying a processor and for not concluding a data processing agreement

In September, the Polish DPA issued a decision fining a controller (a cultural institution) PLN 2500 for engaging a processor without concluding a data processing agreement in writing and without verifying whether the processor provided sufficient guarantees for the implementation of appropriate technical measures.

01 Jun 2022

The Polish DPA fines both the controller and the processor for the first time

In January 2022, the Polish DPA issued a decision in which it imposed an administrative fine on both a controller (Fortum Marketing and Sales SA) and a processor (Pika sp. z o.o.). The controller was fined over PLN 4,900,000 (around EUR 1,050,000) – the highest fine imposed by the Polish DPA yet – and the processor was fined over PLN 250,000 (around EUR 53,000). This decision is important for both controllers and processors.

05 Nov 2021

Legal uncertainty over collection of information on vaccination against COVID-19 by employers

Although a significant number of SARS-CoV-2 infections occur in the workplace, there are still no regulations in Poland allowing employers to collect information on their employees’ vaccine status. This creates legal uncertainty for employers.

08 Jun 2021

Court ruling confirms that an inspection by the DPA cannot be questioned or impeded

The court ruling confirms that the inspected entity cannot question the reasons for the inspection of the DPA or its scope.

Meet our team