To answer the question briefly and directly: What shredders are GDPR-compliant?

There is no specific provision in the law or official guidance from the Polish Data Protection Authority that clearly defines what type of shredder is “GDPR-compliant.”

However, it is widely accepted that a shredder with a minimum security level of P-4 under DIN 66399 meets the expectations of GDPR compliance. If in doubt, we recommend purchasing at least this level of shredder.

If your organization is subject to the Polish Act on the Protection of Classified Information, you should consider a higher-level shredder—specifically P-7 under DIN 66399, which is required for destroying classified and top-secret documents.