Michał Dutkiewicz

Attorney at law, member of the Regional Bar Association in Poznań. Graduate of the Faculty of Law and Administration at the Adam Mickiewicz University in Poznań.

He specialises in matters related to personal data protection, cybersecurity and business continuity, with a special focus on the protection of privacy in on-line telecommunications, e-commerce and marketing activities.

Michał Dutkiewicz participates in audits on information security at entities from the financial, transport, manufacturing, water supply and sewage as well as health care sectors. He provides support in processes of purchase of IT and OT systems where he drafts provisions regarding licences and parameterisation of maintenance services (so-called SLA). Also, he adapts documentation of services provided by electronic means to business needs and legal requirements, in particular for web platforms and websites (including privacy policies, regulations for the provision of electronic services and information obligations). In his work, he reviews the process of application development in terms of the possibility of using social plugins.

He is involved in legal handling of project related to the development and implementation of information security management systems. He drafts and reviews data protection policies, DPIAs and procedures in compliance with ISO 27001 and 22301. Moreover, he provides support during due diligence audits with regard to copyright, personal data protection and cybersecurity.

He engages in pro bono work, legally supporting the Stanisław Wyspiański Association.

Michał Dutkiewicz
Michał Dutkiewicz Attorney-at-law michal.dutkiewicz@piszcz.pl Tel: +48 61 859 44 44 Laguages: english
  • providing support in the drafting of documentation related to the purchase of IT and OT systems;
  • reviewing documentation related to system maintenance (SLA);
  • adapting activities in the e-commerce sector, i.e. of web platforms and websites, in particular of purchasing and manufacturing platforms, to legal requirements (drafting regulations and policies, giving recommendations on rules and functionalities of sites and platforms);
  • carrying out due diligence audits;
  • drawing up adapting documentation and internal procedures compliant with the GDPR and information security requirements;
  • ensuring compliance of internal procedures and documentation with business continuity requirements (developing BCPs and BIAs);
  • carrying out audits on compliance with the GDPR at entities conducting business activities in the manufacturing, financial, transport, health care and telecommunications sectors, including in international commercial companies;
  • carrying out audits on compliance with provisions of the Act on the National Cybersecurity System at key service operators and public entities;
  • providing day-to-day advice to business entities, in particular corporate services to commercial companies, including drafting and reviewing contracts, memoranda and articles of association, resolutions of company authorities, drawing up draft legal opinions, contracts and pleadings in the area of civil law and business law.