Notifications and reports to the President of the Personal Data Protection Office (PUODO)
The controller or processor, within the meaning of Article 4(7) and (8) of the General EU Data Protection Regulation (GDPR), is obliged to notify PUODO of the appointment, dismissal and change of data concerning the data protection officer. The controller is obliged to report any personal data breach to PUODO. Electronic forms which enable fulfilling these obligations are available at www.uodo.gov.pl. After completing the form, the requesting party, if he or she has a qualified electronic signature, can send it electronically. In order to send notifications and reports to PUODO, KIR certification services can be used.
For this purpose it is necessary to obtain:
- a qualified certificate
- a cryptographic card
- a cryptographic card reader
- software for creating and verifying signatures
An electronic signature created under an application to PUODO with the use of this set has the legal effect of a qualified electronic signature equivalent to a handwritten signature.
To obtain a set for creating qualified signatures with the signing application, an agreement for the provision of trust services must be concluded with KIR.