Polish airports launch initiative to standardise passenger data protection

Polskie Porty Lotnicze (PPL) and the Związek Regionalnych Portów Lotniczych (ZRPL) have signed a letter of intent to create a unified Code of Practice for the protection of personal data for airport operators across Poland. The initiative, seen as a model for the industry, aims to harmonise how personal data is handled at all Polish airports.

Airport operators process large amounts of personal information every day, including data from passengers, staff and contractors. Until now, each airport met data protection obligations under EU GDPR on its own, with varying internal procedures. The new Code of Practice will interpret GDPR requirements specifically for airport operations and is intended to serve as a reference for the sector.

The working group that has been launched will map data processing activities used in areas such as security, marketing, human resources and operations. After public consultation, the final Code will be submitted for approval by the President of Poland’s Data Protection Authority. Once accredited, compliance with the Code will be recognised as proof of GDPR compliance across the EU aviation sector.

More details are available in PPL’s official announcement (in Polish).