Service providers who use our services know very well how important it is to build trust among clients. JPL Group advices service providers in terms of the preparation of the framework for processing personal data (for instance, of potential clients, clients and suppliers) and verifies the organisation status in this regard. Among our Clients, there are also service providers, who invite us to cooperate in the provision of their services, for instance IT companies that develop advanced information or mobile systems, law firms specialising in company fusions or acquisitions that want to consult changes in terms of the flow of personal data.

Special legal advice

Within the framework of our activity, we offer specialised legal advice on personal data protection law, new technologies, e-commerce and advertising.

  • We provide legal support in the implementation of new projects related to the provisions on the protection of personal data.
  • We prepare appropriate grounds for the processing of personal data, for instance, as part of planned marketing campaigns, by establishing relevant approval clauses and disclosure requirements.
  • We conduct proceedings before the General Inspector for Personal Data Protection and we provide legal support during checks carried out by the competent authority
  • We prepare and submit notifications of data collections
  • We prepare request for the interpretation of the provisions on personal data protection
  • We prepare and negotiate agreements for entrusting the processing of personal data, including in the context of transferring personal data outside the European Economic Area.

Personal data protection audit

Personal data protection audit offered by JPL Group is carried out by a team consisting of IT specialists and lawyers. Its purpose is to examine the compatibility of the Client’s ompany with the provisions of the Directive 95/46 / EC of the European Parliament, the Act of 29 August 1997 on the protection of personal data and implementing provisions to this Act, as well as the Act on electronic services and other specific provisions governing the processing of personal data at the Client’s company.



Czytaj więcej

IT and security audit

Security and IT audits concern issues related to business IT management that were previously determined depending on the Client’s needs and the security of data and information processed through IT systems. The IT audit is conducted mainly in order to support the IT process optimisation and security, improve the security level of data processing or minimise operational and security risks in the company.

Rozwiń więcej

Legal services for websites and online stores

We prepare websites and online shops in a comprehensive manner to enable them to successfully enter the service market. We take into account the applicable provisions of the Acts on consumer rights, telecommunications, electronic services and protection of personal data. Within the services, we offer:

  • Preparation of regulations on the provision of electronic services
  • Preparation of guidelines for the processing of personal data through appropriately constructed clauses of consent to the processing of personal data for “marketing purposes”, etc.
  • Preparation of Policies and Regulations protecting the rights of the website or online store’s owner (Privacy Policy)

The provision of our services begins already at the early implementation stage – when a website, online store or other e-commerce tool project is being established. Firstly, we assess the legality of the project. Secondly, we indicate the direction in which the design and development stages should progress. Lastly, we prepare the above-mentioned documents.

Czytaj więcej

Personal data protection documentation

We assist our Clients with tasks such as preparing and implementing documents regulating the processing of personal data. Within the services, we prepare:

  • Security Policies
  • An Information System Management manual
  • Personal data processing authorisation templates
  • Confidentiality agreements


Czytaj więcej

Guidelines for telecommunications and postal operators

We assist postal and telecommunications operators in the preparation of guidelines in situations of particular danger.

On behalf of the Client, we carry out all the necessary arrangements, correspond with relevant authorities and draw up procedures and present them before the Office of Electronic Communications for approval.

Czytaj więcej

Przejęcie obowiązków ABI

Oferujemy profesjonalny outsourcing ABI – nasi eksperci przejmą pełnienie obowiązków Administratora Bezpieczeństwa Informacji i będą wykonywali pełnię jego obowiązków w Twojej firmie.

Administrator bezpieczeństwa informacji (ABI) odwołuje się do ustawy z dnia 29 sierpnia 1997 roku o ochronie danych osobowych i oznacza on osobę, której zadaniem jest prowadzenie działań w zakresie ochrony przetwarzanych danych osobowych z upoważnienia administratora danych osobowych.

Poprzez przejęcie funkcji ABI pozwalamy naszym Klientom skupić się na przedmiocie ich działalności, a my robimy to, na czym znamy się najlepiej.

Powoływany spośród naszych ekspertów Administrator Bezpieczeństwa Informacji:

  • Jest wyraźnie wskazaną tj. z imienia i nazwiska osobą, niemniej Klient obsługiwany jest przynajmniej przed dwie osoby: prawnika oraz eksperta IT
  • Jest zgłaszany do Rejestru Administratorów Bezpieczeństwa Informacji prowadzonego przez Generalnego Inspektora Ochrony Danych Osobowych, co zwalnia Klienta z rejestracji zbiorów zawierających dane zwykłe w rejestrze Zbiorów Danych prowadzonego przez Generalnego Inspektora Ochrony Danych Osobowych
  • Jest zewnętrznym doradcą, ale dąży do zbudowania u Klienta relacji partnerskich w ramach pełnionych cyklicznie dyżurów
  • Pozostaje w kontakcie z osobą koordynującą po stronie Klienta, jak również ze wszystkimi pracownikami Klienta, którzy mają możliwość zwrócenia się do ABI z prośbą o wyrażenie opinii, czy przygotowanie konkretnych wytycznych

Penetration testing

At our Client’s request, our IT specialist organise penetration tests. Their purpose is to simulate hacking to find security loopholes. The test consists in a controlled braking into and takeover of the IT system, mobile applications, infrastructure, cloud network or workstations.


Rozwiń więcej


We want to share our practical experience with our Clients. This is why we organise training lessons.

We carry out open training addressed to the representatives of various organisations, as well as a closed training for our specific Clients that is tailored to their business activity.

The training is led by our experts and is dedicated to, among others, the function of the Information Security Administrator, personal data processing management, information security management, legal aspects and principles of information protection.

Our regular Clients can also benefit from e-learning courses, thanks to which theirs staff is kept up to date.

Czytaj więcej

Crisis Management

We support public authorities in the preparation of plans for crisis prevention.

In this regard, we analyse the regularity of crisis management in the public sector for internal and external auditing purposes.

Czytaj więcej