GDPR questions and answers

Category:
Documentation and Procedures

Is an authorised employee who emails clients' personal data to their private email address a trusted recipient?

ANSWER

Such an incident should certainly be treated as a breach of internal procedures or an infringement of the GDPR, but should also be considered in the context of a possible personal data breach, as it may lead to personal data being disclosed to an unauthorised recipient — the email service provider handling the employee's private mailbox. (In other words, the employee remains a person authorised to access the data, but sending it to a private address may result in access to those data being granted to an unauthorised recipient, i.e. the email service provider.)

Sending client data to a private email – is the employee a trusted recipient? | ODO 24