Yes, scraping public data in Poland is generally legal if it complies with GDPR, copyright law, and the Act on Access to Public Information. Public sector data is accessible under the Ustawa o dostępie do informacji publicznej (2001), but automated extraction must avoid violating personal data protections or database rights. The Prezes Urzędu Ochrony Danych Osobowych (PUODO) enforces GDPR compliance, while the Ministerstwo Cyfryzacji monitors public sector data dissemination policies. Recent 2026 amendments to the Ustawa o Krajowym Systemie Cyberbezpieczeństwa introduce stricter penalties for unauthorized scraping of critical infrastructure data.
Key Regulations for Scraping Public Data in Poland
- GDPR Compliance (RODO): Personal data cannot be scraped without a lawful basis (e.g., public interest or consent). Automated collection triggering profiling risks fines up to €20M or 4% of global turnover under Art. 83 GDPR.
- Copyright Law (Ustawa o prawie autorskim i prawach pokrewnych): Publicly accessible data may be protected if structured as a “database” under Art. 115–128. Unauthorized extraction violating sui generis rights risks civil liability (Art. 79).
- Public Information Act (Ustawa o dostępie do informacji publicznej): Public bodies must provide data upon request, but automated scraping must not disrupt services or exceed reasonable technical limits (Art. 10). The Rządowe Centrum Legislacji enforces these restrictions.