Health and safety services, General Data Protection Regulation, firefighting at OptiWay

Health and safety services, General Data Protection Regulation, firefighting at Optiway
By using our company’s services in the field of health and safety at work and General Data Protection Regulation , you have 100% confidence that all activities carried out by you and your employees are fully compliant with the latest standards and principles



Our Expert:

Phone: +48 508 90 51 50

Do not wait!
Ask your expert now!

We offer services:

  • » Health and safety in the field of: comprehensive service for companies, implementation of occupational safety and health trainings, first-aid trainings and specialized (work at heights, asbestos work, etc.), implementing of health and safety instructions, occupational risk assessments, consultancy and internal health and safety audits.

  • » Firefighting within the scope of: carrying out training and conducting training fire alarms, creating of fire protection instructions, fire safety instructions for indicated objects, internal audits.

  • » Protection of personal data in the field of: creating a company security policy, consulting regarding the protection of personal data, training, internal auditing and preparation for ISO27001 certification.

The new provisions on the protection of personal data will apply to all entrepreneurs who, due to their activities, process personal data, regardless of their size and turnover, and regardless of the form of their business (that is also natural persons conducting business and small companies).

It does not matter whether they are personal data of customers, contractors, employees or potential clients of the entrepreneur, or whether these data will be processed by computer or mechanically.

In addition, if the entrepreneur is established in the Union, then the provisions of the General Data Protection Regulation will apply.

Who do the new rules of the GDPR apply to?

In connection with the processing of personal data, the GDPR introduces the concept of “administrator” and “processor” to which the provisions of this regulation will apply. Both the administrator and the processor processed a number of obligations in the field of personal data protection.

By administratora” is meant a natural or legal person, public body, individual or other entity that independently or jointly with others sets the purposes and scope of processing personal data.

A „processing entity” is a natural or legal person, public body, individual or other entity that processes personal data on behalf of the administrator.

This means that the administrator or the processor will be both a large joint-stock company and a person running a sole proprietorship, provided that it will process personal data.



the administrator and the entity processing personal data can be anyone, even an entrepreneur running a sole proprietorship, who records personal data in a way chosen by him, including its clients, employees and contractors.

Therefore, only the fact of processing personal data by him (e.g. saving names, nip numbers and other information necessary to issue an invoice) is decisive for the necessity of applying the GDPR to the entrepreneur, and not the size of the entrepreneur or the fact of employing employees. 

What is processing?

By processing is meant collecting, consolidating, organizing, ordering, storing, adapting, or modifying, downloading, browsing, using, disclosing by sending, distributing or otherwise sharing, matching or merging, limiting the removal or destruction of personal data that is part of a set (ordered set) of data, both in an automated and non-automated way.

This means that the processing of personal data can take place both in the IT system and outside it.
The Regulation will not apply to the processing of personal data by a natural person as part of a purely personal or household activity, as well as by Member States and competent authorities for the purposes of crime prevention.