EN
In Poland, a law on the protection of personal data of 29 August 1997 (DzU No. 155/883 of 1997) has been in force for above four years. Monitoring of the respect for this law by private operators and public administration allows for undertaking some attempts to assess the law and to withdraw some de lege ferenda conclusions. The developments in the period of the law implementation suggest that individuals hardly changed their awareness with regard to their personal data protection. They still do not recognise the fact that their privacy is protected both by the constitutional principle and the mentioned law and only low percentage of Polish citizens has some information about it. Generally, individual citizens neither perceived safeguards concerning data held on them nor their rights to privacy and regulatory framework to ensure these rights. Therefore, they disclose data of personal nature often unsuspecting that it is used by firms in their business activities (e.g. for marketing purposes or for data commercial exchange). Hence, the paper addresses some questions concerning the protection of personal data in Poland. First, the Author presented short historical developments in the field of individuals’ data protection, then the Polish legislation, i.e. the law on data protection adopted in 1997, was summarised. Moreover, the laid down rules on data processing, the specification of information protected under the law and the legal instruments of respect for data subjects’ rights with regard to the processing of their personal data were presented.