Personal Data Protection

The company's services in the field of information security include:

  • legal audit and development of regulations on the protection, storage, processing and transfer of personal data of employees or clients, as well as the consent of employees or clients to the processing of personal data;
  • advising on localization of storage and cross-border transfer of personal data of Russian citizens;
  • consulting on registration as a personal data operator in Roskomnadzor;
  • representation of interests in Roskomnadzor and in courts in connection with the illegal use of personal data;
  • advising on the establishment and protection of the regime of trade secrets, banking secrets, information constituting a state secret, regulation of insider information;
  • legal audit of compliance with the General Data Protection Regulation of the European Union (GDPR) and preparation of a personal data protection policy for exporters of electronic products and services to the countries of the European Union.

Our experience in the field of personal data protection includes representing the interests of:

  • a Russian subsidiary bank of a foreign banking group on the preparation of regulations on the protection, storage, processing and transfer of personal data of employees, as well as a standard employee consent for the transfer and processing of personal data to the parent bank and outsourcing company;
  • a major international bank on the project of implementing a global system of centralized intra-group monitoring for the purpose of preventing fraud in financial markets on cross-border transfer of personal and banking data;
  • a major international bank on the project of implementing a global monitoring system for trade operations and communications on cross-border transfer of personal data and information constituting a banking secret;
  • a foreign company when implementing a global system of employee innovations on cross-border transfer and localization of personal data, as well as on issues of labor law and intellectual property protection;
  • a foreign holding company in the field of fire and medical safety in the implementation of a global internal compliance system and a violation hotline for employees on issues of personal data regulation, as well as on issues of labor law;
  • a foreign company in the preparation of a global code of compliance for employees;
  • a foreign company in the preparation of a global code of conduct for contractors and subcontractors;
  • a foreign company for the regulation of personal data and advertising in the implementation of marketing mailings by e-mail;
  • a foreign holding company in the field of food and beverages production on the issue of registration with Roskomnadzor as a personal data operator;
  • a foreign telecommunications company when implementing a global employee accounting system regarding the cross-border transfer and localization of personal data of employees;
  • a foreign holding company-a manufacturer of medical products in the implementation of a global system for employees in the field of accounting for business trips and business trips on issues of Russian regulation of personal data;
  • a foreign holding company in the field of production of building materials and beverages in the implementation of a global system for employees in the field of information security on issues of Russian regulation of personal data;
  • a foreign holding company in the field of medical products production regarding the global assessment of managerial personnel;
  • a foreign company when implementing a global cloud system of customer relations and storing and processing customer orders on cross-border transfer and localization of personal data;
  • a foreign company when implementing a global policy for employees in the field of information security on issues of Russian regulation of personal data;
  • a foreign company in the field of capital and investment management in the implementation of a global cloud accounting and administration system for employees on cross-border transfer and localization of personal data and the study of a group data transfer agreement;
  • a foreign holding company in the field of food and beverage production when implementing a global cloud-based corporate email system with cloud data backup;
  • a foreign company when implementing a global cloud accounting and administration system for employees on cross-border transfer and localization of personal data;
  • the Russian subsidiary of a foreign holding company on the legal audit and the development of regulations on the protection, storage, processing and transfer of personal data of employees, as well as the standard consent of the employee to the processing of personal data in Russia and Belarus;
  • a foreign holding company in the field of production of medicines on the occasion of holding a global virtual meeting of employees;
  • a foreign company regarding the cross-border transfer of personal data of employees for the global outsourcing of accounting, HR and information technology functions to an external contractor;
  • a foreign company on internal reporting on the number of employees of a Russian subsidiary and cross-border transfer of personal data;
  • a foreign company when implementing a global system of internal training on cross-border transfer and localization of personal data of employees;
  • a foreign holding company in the field of production of medicines to provide information to new employees who have not formally started work under an employment contract (pre-onboarding);
  • a foreign holding company in the field of production of medicines on the conduct of a global internal survey of employees;
  • a foreign holding company in the field of food and beverage production when implementing a global accounting system, hiring and reducing employees regarding the cross-border transfer and localization of personal data of employees;
  • a foreign company in the field of FMCG regarding the cross-border transfer and localization of personal data of employees;
  • the leading foreign manufacturer of medical equipment for the cross-border transfer of personal and medical data of patients;
  • a foreign online service for issuing loans secured by cryptocurrency, for preparing a personal data protection policy and bringing it in accordance with the EU General Data Protection Regulation (GDPR);
  • the Singapore digital platform for conducting initial digital offerings (ICO), for preparing a personal data protection policy and bringing it in accordance with the EU General Data Protection Regulation (GDPR);
  • the American cryptocurrency mining farm on the issue of preparing a personal data protection policy and bringing it in accordance with The EU General Data Protection Regulation (GDPR);
  • Singapore online store for the sale of cryptocurrency mining equipment for the preparation of a personal data protection policy and bringing it in accordance with the EU General Data Protection Regulation (GDPR).

Alexander Nadmitov
Managing Partner
+7 (495) 64 987 12
Write a message
Sergey Lapin
Partner
Write a message
Pavel Maruev
Senior Lawyer
Ask a question

Publications

Data Protection
Amendments have been made to the Regulations on military registration
4 августа 2023
The military registration register is to be used for military registration, removal and making changes to military registration documents. 
Data Protection
New Rules for Postal Services
21 июня 2023

On April 17, 2023, the Ministry of Digital Transformation of the Russian Federation issued Order No. 382, which approved new Rules for Postal Services.

Data Protection
Changes in the regulation of biometrics
2 июня 2023

The State Duma of the Russian Federation has approved in the first reading the bill of Federal Law No. 353266-8 "On Amendments to the Code of the Russian Federation on Administrative Offenses".

Data Protection
New procedure for processing biometric personal data of individuals
17 мая 2023

The Ministry of Digital Transformation of the Russian Federation has approved a new procedure for processing biometric personal data of individuals in its Order No. 453 dated May 12, 2023.

Data Protection
The rules of accreditation of organizations performing authentication based on biometric personal data of individuals have been established
15 мая 2023

The Government of the Russian Federation, in its Resolution No. 810 of May 22, 2023, established the rules for accrediting organizations that authenticate individuals based on biometric personal data, as well as the grounds for suspension and termination of such accreditation.

Data Protection
Banks and state-owned companies cannot transmit personal data through foreign messengers
8 мая 2023
Roskomnadzor has published a list of messengers that belong to foreign legal entities and citizens, which are prohibited from being used by banks and state-owned companies when providing services. 
Data Protection
The Rules for the provision of refusal to collect and post biometric personal data have been approved
25 апреля 2023
Nadmitov, Ivanov & Partners law firm talks about new Rules for the provision of refusal to collect and post biometric personal data have been approved
Data Protection
Amendments to the Federal Law “On Personal Data”
1 марта 2023
Nadmitov, Ivanov and Partners talks about amendments to the Federal Law “On Personal Data”, which come into force from March 1, 2023 
Data Protection
Roskomnadzor is testing a system "Vepr"
20 февраля 2023
Nadmitov, Ivanov and Partners talks about system for detecting messages that potentially pose a “threat to the individual, society and the state”.
Data Protection
The President of the Russian Federation supported the initiative on the introduction of a digital passport
20 февраля 2023
Nadmitov, Ivanov and Partners talks about news in the field of a digital passport
Data Protection
"Confirmed Photo" - a new service in the mobile application of Gosuslugi
20 февраля 2023
Nadmitov, Ivanov and Partners talks about new service in the mobile application of Gosuslugi.
Data Protection
Decree about resource containing information about military registration has been signed
13 февраля 2023
In November 2022, the President of the Russian Federation signed Decree No. 854 dated November 25, 2022 “On the state information resource containing information about citizens necessary to update military registration documents.”
Data Protection
New rules in the field of cross-border transfer of personal data
23 января 2023

The Russian Government approved the procedure for prohibiting and restricting the cross-border transfer of personal data, as well as the procedure for informing operators (the Decree of the Government of the Russian Federation No. 6 and the Decree of the Government of the Russian Federation No. 24). The new rules come into effect on March 1, 2023.

Data Protection
Overview of the Federal Law on the Unified System of Biometric Data
30 декабря 2022
On December 29, 2022, in order to fill the gap in the legislation on the collection and storage of biometric data, the legislator adopted the Federal Law on the unified system of biometric data (the” Law No. 572-FZ”). In accordance with Law No. 572-FZ, biometrics will be collected and processed by the Unified Biometric System.
Data Protection
Assessment of the harm caused to personal data subjects in the event of a breach of the Federal Law "On Personal Data"
5 декабря 2022
In July 2022, the Federal Law on Personal Data (hereinafter, the "PD Law") was amended by Federal Law No. 266-FZ of 14.07.2022.
Data Protection
Procedure for destroying personal data has been established
1 декабря 2022
Order No. 179 of the Federal Service for Supervision of Communications, Information Technology and Mass Media of 28 October 2022 "On Approval of the Requirements for Confirmation of Personal Data Destruction" established the procedure for destroying personal data.
Data Protection
Amendment of Law on Personal Data
29 августа 2022
The Federal Law amending the regulations on the processing of personal data comes into force on September 1, 2022
Data Protection
Law prohibiting banks from transferring information to "unfriendly" countries signed
4 мая 2022
Law that prohibits Russian credit institutions from transmitting information to the competent authorities of "unfriendly" countries at their request was signed
Data Protection
Technology companies will have access to anonymous data
17 декабря 2021
The President of the Russian Federation instructed to provide access to organizations developing technological solutions using artificial intelligence to anonymous data sets
Data Protection
The Bank of Russia plans to allow banks to transfer anonymized credit histories of customers
14 декабря 2021
The Bank of Russia is preparing amendments to the Law on Personal Data, which will consolidate new approaches to the processing of anonymized data
Data Protection
Localization of personal data
28 января 2021
Nadmitov, Ivanov and Partners Law Firm provides legal services and represents interests of clients in the field of data protection, localization of personal data in Russia and cross-border data transfer.
Data Protection
IT companies proposed to shorten the list of data for transfer to the Moscow administration
13 октября 2020
Managing partner of the Nadmitov, Ivanov and Partners Law Firm Alexander Nadmitov commented to RBC on the legality of the Decree of the Mayor of Moscow No. 97-UM dated 06.10.2020, which obliged employers to provide information about employees, including their phone numbers, transport funds and travel tickets.
Data Protection
The mayor's office refused to consider the phone numbers as personal data
9 октября 2020
Managing partner of the Nadmitov, Ivanov and Partners Law Firm Alexander Nadmitov gave comments to RBC on what information can be attributed to personal data.
Data Protection
Moscow authorities have explained the requirement for telephones of remote workers
8 октября 2020
Managing partner of the Nadmitov, Ivanov and Partners Law Firm Alexander Nadmitov commented to RBC on the legality of the Decree of the Mayor of Moscow No. 97-UM dated 06.10.2020, which obliged employers to provide information about employees, including their phone numbers, transport funds and travel tickets.
Contact us
Ask your question and receive answer from the specialist in 30 minutes
Name
Email
Phone
Name
Phone
Email
Даю своё согласие на обработку своих персональных данных и соглашаюсь с   Personal Data Processing and Protection Policy
Спасибо! Ваша заявка отправлена
+7 (495) 649-87-12