Wizards.io Blog - GDPR, DORA, NIS2, AI Act
Articles and guides on GDPR, DORA, NIS2 and AI Act compliance. Practical knowledge about data protection and cybersecurity.
All articles (34)
-
Personal data minimization - a GDPR obligation that also serves as a security measure
- Why the GDPR Article 5 minimisation principle is also a risk management rule in an ISMS, and how Detecto and Oblivio support it in the context of NIS2, the Polish Cybersecurity Act and DORA.
[RODO - 2026-07 - Adam Jeż]
Minimalizacja danych osobowych - obowiązek z RODO, który jest też środkiem bezpieczeństwa
-
Personal Data Anonymization in Poland - Rules and Methods
- What anonymization means legally, how the 2025 CJEU ruling in C-413/23 P (SRB) changed the standard, and how the Article 29 WP methodology meets Polish DPA enforcement reality.
[RODO - 2026-06 - Adam Jeż]
Anonimizacja danych osobowych w Polsce - zasady i metody
-
Personal Data Retention in the Context of NIS2 and DORA
- How to manage data retention according to NIS2, DORA, and GDPR requirements? Practical guide for financial sector and critical infrastructure.
[RODO - 2025-01 - Wizards Team]
Retencja danych osobowych w kontekście NIS2 i DORA
-
GPAI Code of Practice: Voluntary Guidelines for AI Act
- What is the Code of Practice for GPAI models? How does it affect large language model providers and organizations using AI?
[AI - 2025-01 - Wizards Team]
Kodeks GPAI: dobrowolny regulamin dla AI Act
-
DORA in Poland 2025: What You Need to Know
- Practical guide to DORA implementation in Poland. Deadlines, regulatory requirements, and key steps for financial institutions.
[DORA - 2025-01 - Wizards Team]
DORA w Polsce 2025: co musisz wiedzieć
-
NIS2 in Poland: Implementation Status and Entity Obligations
- What is the NIS2 implementation status in Poland? Which sectors are covered and what are the obligations for essential service operators?
[NIS2 - 2025-01 - Wizards Team]
NIS2 w Polsce: stan wdrożenia i obowiązki podmiotów
-
How to Prepare for a GDPR Audit in 2025
- Comprehensive GDPR audit preparation checklist. What do auditors check and how to avoid the most common non-compliances?
[RODO - 2025-01 - Wizards Team]
Jak przygotować się do audytu RODO w 2025 roku
-
Artificial Intelligence and GDPR: Challenges and Solutions
- How to reconcile AI use with GDPR requirements? Profiling, automated decisions, and data subject rights in the context of artificial intelligence.
[AI - 2024-10 - Michał Wiśniewski]
Sztuczna inteligencja a RODO: Wyzwania i rozwiązania
-
Pseudonymization vs Anonymization: Key Differences in GDPR
- What is the difference between pseudonymization and anonymization? When to use which technique? Practical GDPR guide.
[RODO - 2024-09 - Wizards Team]
Pseudonimizacja a anonimizacja: Kluczowe różnice w RODO
-
Automatic Data Classification Using AI
- How does artificial intelligence support personal data classification and categorization? ML models serving privacy protection.
[AI - 2024-09 - Wizards Team]
Automatyczna klasyfikacja danych z wykorzystaniem AI
-
Data Breach: Notification Procedure and Response
- What to do in case of personal data breach? Deadlines for reporting to DPA and notifying affected individuals.
[RODO - 2024-09 - Anna Kowalska]
Naruszenie ochrony danych: Procedura zgłaszania i postępowania
-
Data Transfer Outside EEA: GDPR Rules and Mechanisms
- How to legally transfer personal data to the USA and other third countries? SCCs, adequacy decisions, and binding corporate rules.
[RODO - 2024-09 - Piotr Nowak]
Transfer danych poza EOG: Zasady i mechanizmy RODO
-
Nocturno: Data Anonymization with Referential Integrity
- How does Nocturno anonymize personal data while preserving database relationships? Pseudonymization and anonymization techniques for GDPR.
[Nocturno - 2024-08 - Wizards Team]
Nocturno: Anonimizacja danych z zachowaniem spójności referencyjnej
-
Oblivio: Automatic Retention Management and Personal Data Deletion
- How does Oblivio automate the personal data lifecycle? Retention policies, automatic deletion, and GDPR compliance.
[Oblivio - 2024-08 - Wizards Team]
Oblivio: Automatyczne zarządzanie retencją i usuwaniem danych osobowych
-
Records of Processing Activities (ROPA): How to Maintain It?
- What is a record of processing activities and who must maintain it? Template and practical tips for creating ROPA.
[RODO - 2024-08 - Michał Wiśniewski]
Rejestr czynności przetwarzania (RCP): Jak go prowadzić?
-
GDPR – Comprehensive Guide to Data Protection
- Everything you need to know about GDPR. Data processing principles, individual rights, and controller obligations.
[RODO - 2024-07 - Katarzyna Zielińska]
RODO – kompleksowy przewodnik po ochronie danych
-
Revelio: Automatic Personal Data Detection in Documents
- How does Revelio use AI to identify personal data in unstructured documents? NLP technology serving GDPR compliance.
[Revelio - 2024-07 - Wizards Team]
Revelio: Automatyczne wykrywanie danych osobowych w dokumentach
-
Detecto: Personal Data Detection in Databases and IT Systems
- How does Detecto scan databases for personal data? Automatic inventory for GDPR and DORA compliance.
[Detecto - 2024-07 - Wizards Team]
Detecto: Wykrywanie danych osobowych w bazach danych i systemach IT
-
DPO – Data Protection Officer: When is One Required?
- When must an organization appoint a Data Protection Officer? What are the DPOs obligations and responsibilities under GDPR.
[RODO - 2024-07 - Anna Kowalska]
IOD – Inspektor Ochrony Danych: Kiedy jest wymagany?
-
DPIA – Data Protection Impact Assessment: When and How to Conduct It
- What is DPIA and when is it mandatory? Methodology for conducting data protection impact assessments under GDPR.
[RODO - 2024-07 - Piotr Nowak]
DPIA – Ocena skutków dla ochrony danych: Kiedy i jak ją przeprowadzić
-
What is DORA and what framework does it establish
- Digital Operational Resilience Act for the financial sector. Learn about the obligations it imposes on financial institutions and how to prepare.
[DORA - 2024-06 - Anna Kowalska]
Czym jest DORA i jakie wyznacza ramy działania
-
NIS2 – Risk Assessment and Incident Reporting
- New requirements of the Network and Information Security Directive. Learn about key changes and implementation deadlines.
[NIS2 - 2024-06 - Piotr Nowak]
NIS2 – ocena ryzyka i zgłaszanie incydentów
-
AI Act – Artificial Intelligence Regulation in Europe
- Comprehensive guide to the Artificial Intelligence Act. Risk categories, requirements, and implementation timeline.
[AI - 2024-06 - Michał Wiśniewski]
AI Act – regulacja sztucznej inteligencji w Europie
-
Consent for Data Processing: GDPR Requirements and Common Mistakes
- How to properly collect and document consent for personal data processing? Consent validity requirements and how to meet them.
[RODO - 2024-06 - Piotr Nowak]
Zgoda na przetwarzanie danych: Wymogi RODO i najczęstsze błędy
-
Cookies and GDPR: Practical Compliance Guide
- How to properly implement a GDPR and ePrivacy compliant cookie banner? Which cookies require consent and how to collect it.
[RODO - 2024-06 - Michał Wiśniewski]
Cookies a RODO: Praktyczny przewodnik po zgodności
-
Personal Data Anonymization – Methods and Challenges
- How to effectively anonymize personal data? Techniques, tools, and common mistakes in the anonymization process.
[RODO - 2024-05 - Michał Wiśniewski]
Anonimizacja danych osobowych – metody i wyzwania
-
Sensitive Data vs Personal Data: Key Differences in GDPR
- How do special category data differ from regular personal data? What additional requirements does GDPR impose on sensitive data processing.
[RODO - 2024-05 - Michał Wiśniewski]
Dane wrażliwe vs dane osobowe: Kluczowe różnice w RODO
-
GDPR Data Subject Rights: Complete Guide for Organizations
- How to handle data subject requests? Right of access, rectification, erasure, portability, and objection.
[RODO - 2024-05 - Anna Kowalska]
Prawa osób w RODO: Kompletny przewodnik dla organizacji
-
10 GDPR Myths That Could Cost Your Business
- Most popular misconceptions about GDPR. Check if you are not making these costly data protection mistakes.
[RODO - 2024-04 - Anna Kowalska]
10 mitów o RODO, które mogą kosztować Twoją firmę
-
GDPR Fines: Biggest Penalties and How to Avoid Them
- Analysis of the largest GDPR fines in Europe and Poland. What violations are most frequently penalized and how to protect your organization.
[RODO - 2024-04 - Piotr Nowak]
Kary RODO: Największe grzywny i jak ich uniknąć
-
Data Retention – How Long to Store Personal Data?
- Principles for determining data retention periods. How to avoid fines for storing personal data too long.
[RODO - 2024-03 - Piotr Nowak]
Retencja danych – jak długo przechowywać dane osobowe?
-
Cybersecurity in the Financial Sector
- Security requirements for financial institutions. DORA, NIS2 and regulators – how to meet all regulations.
[DORA - 2024-02 - Anna Kowalska]
Cyberbezpieczeństwo w sektorze finansowym
-
High-Risk AI Systems – AI Act Requirements
- Which AI systems are classified as high-risk? Obligations for providers and users according to the AI Act.
[AI - 2024-01 - Michał Wiśniewski]
Systemy AI wysokiego ryzyka – wymogi AI Act
-
GDPR – Complete Personal Data Protection Guide
- Everything you need to know about GDPR. Principles, rights, obligations, and practical guidance for organizations.
[RODO - 2024-01 - Wizards Team]
RODO – Kompletny przewodnik po ochronie danych osobowych
Tags
- RODO
- AI
- DORA
- NIS2
- Revelio
- Detecto
- Nocturno
- Oblivio