Abstract
The article discusses the application of personal data protection regulations to the operation of entities which make up the system of providing business information and business data exchange, such as business information agencies (BIA), creditors providing information to the agencies and entities obtaining information therefrom. This system is used to verify business partners thus making transactions more secure.
The article explains what data protection duties are to be fulfilled by individual data processors within the system. The article also discusses the latest legal changes introduced by the Act of 21 February 2012 amending certain acts in connection with ensuring application of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). However, the article goes beyond the discussion on the most recent changes in law and outlines the subject more broadly as regards interdependencies between GDPR and special provisions regulating the specificity the entities operating within the system.
Key words: personal data, business information agencies, providing business information, business data exchange, BIA, GDPR
Słowa kluczowe: dane osobowe, biura informacji gospodarczych, udostępnianie informacji gospodarczych, wymiana danych gospodarczych, BIG, RODO