Advised a large developer on data processing issues

The team from our practice group conducted a comprehensive analysis of the processes concerning how personal data was processed within the group of companies of a large developer. The analysis included gathering information with the use of check-lists, conducting interviews with employees, reviewing then-effective internal by-laws and also analysing how the group was actually carrying out its activity.  

Based on the results of the above measures our lawyers prepared reports revealing that the client’s business processes did not comply with Russian legislation on personal data. Our lawyers also provided the client with hands-on recommendations for how such non-conformity could be eliminated. The specialists of the practice developed a full set of internal by-laws to regulate the processing of personal data, including notifications to be submitted to the Russian Federal Service for the Supervision of Communications, Information Technology and the Mass Media (in Russian, referred to by the abbreviation ‘Roskomnadzor’).