Abstract: | In the context of an open definition of personal data and accepting a broad
understanding of the subject range of the PDPA44, information about natural persons
who conduct business activity should be treated as personal data, as it is frequently
information allowing a specific natural person to be identified. On the other hand,
publishing personal data of people with business activity in CEIDG forces the conclusion
that the sole trader decides to makes the data broadly accessible, and therefore is aware
that its protection is limited. It should not mean that commonly accessible data can
be processed absolutely freely with complete disregard for PDPA, as business entities
also have a right to privacy. However, from a practical point of view, in their case this
right is limited by the rule of the publicness of economic turnover. It can be noticed
that the practice of economic turnover forces a more flexible approach to the presented
issue45. In this respect, since May 2016, the Act has introduced new provisions that are
intended to ensure a realistic balance between the business entity’s and public interest.
The purpose of the amendment of the Act on Freedom of Business Activity, adopted
in September 2015, is primarily to accelerate the service of undertakings. Undoubtedly,
in the content of the business entity’s data the revision of the Act introduced provisions
broadening the scope of data contained in the CEIDG entry. The main changes that
came into force can certainly stir up controversies. It is difficult to explicitly declare
whether those legal solutions are effective and positive. Certainly, introducing regulations
excluding the PDPA regarding the personal data of a sole trader, assuming the public
nature of the overwhelming majority of their data, results in a situation in which they
are not properly protected. |