Must authorisations to process personal data be issued for an employee who will cover for another employee during their absence (leave, sickness, etc.)? What is the correct approach in this regard?

Question

Accepted Answer

ANSWER Authorisation under Article 29 GDPR should be granted at the time of employment to every employee who, in connection with performing their duties, will process personal data. There is no need to grant additional authorisations to employees who cover for other employees in connection with their absence.

Must authorisations to process personal data be issued for an employee who will cover for another employee during their absence (leave, sickness, etc.)? What is the correct approach in this regard?

ANSWER

Read also:

12 March 2026

Jak wdrożyć UKSC / NIS2 - poradnik dla firm

12 March 2026

Jak wdrożyć KSC / NIS2 - poradnik dla firm

03 February 2026

Ocena skutków dla ochrony danych (DPIA) – praktyczny przewodnik + wzór formularza

Dr RODO - aplikacja do audytu i ryzyka

Diagnozuj zgodność i dbaj o odporność organizacji