Przetwarzanie danych osobowych przez związki wyznaniowe a uprawnienia Generalnego Inspektora Ochrony Danych Osobowych

People who have actually withdrawn from a religious denomination are entitled to make a written demand requiring that this religious denomination should stop processing their personal data and include the relevant information in the appropriate register (for example, in the baptismal register). In such a situation, the internal law of this religious denomination should define the procedure required in the exercise of control powers (pertaining to information and rectification) by those people, which follows from the provisions of the act on the protection of personal data. A religious denomination has the exclusive right to determine its internal relations with its members or persons who have regular contact with it, which means that these relations fall outside the competence of the Inspector General for the Protection of Personal Data and courts as bodies of the state. However, a religious denomination has to guarantee the exercise of control powers by people whose data it processes. Put differently, it is obliged to develop a suitable procedure regulating the abandonment of processing personal data. The Inspector General for the Protection of Personal Data, for his part, is entitled to ask religious organisations for an explanation as to whether such a procedure has been introduced. If not, he should signal the irregularities in their processing of personal data. This solution guarantees both the inviolability of the doctrine of religious denominations by state bodies and the exercise of rectification powers by persons whose data are processed by religious denominations. However, it is legitimate to make a proposal de lege ferenda that this procedure should be included in the provisions of the act on the protection of personal data, which is an act of generally applicable law.