Loading...

Contacts
Home  •   Services  •   Personal data
Personal data

Personal data

For over 13 years, Pepeliaev Group has been providing full-fledged legal support to clients in relation to all issues connected with organising work with personal data.

Services relating to personal data

  • Conducting a comprehensive audit of personal data processing.

  • Conducting a technical audit of personal data processing (a threat model, a statement of work for a PD security system, the preliminary design for a PD security system, etc.).

  • Drawing up the mandatory set of documents relating to personal data processing (regulations on personal data processing, a personal data processing policy, consents to the processing of personal data, instructions, etc.).

  • Ensuring that personal data of data subjects of different categories (applicants, employees, former employees, clients, contracting parties) is processed lawfully.

  • Selecting the optimal way to obtain consent to the processing of personal data, including advising on methods of obtaining the data subject’s written consent.

  • Conducting an audit of the company’s website in terms of whether it complies with the requirements of legislation on personal data.

  • Drafting documents relating to personal data for the company’s website (confidentiality policy, consent to the processing of personal data, cookies, consent to the disseminating of personal data, etc.).

  • Advising on how cookie-files can be processed.

  • Drafting notifications to the Federal Service for Supervision of Communications, Information Technology and Mass Media (abbreviated in Russian to “Roskomnadzor”).

  • Analysing processes associated with a cross-border transfer of personal data, and assisting in ensuring compliance with the requirements of legislation on personal data.

  • Advising on issues associated with processing biometric personal data.

  • Providing support to clients in cases of leakages of personal data on a round-the-clock basis.

  • Providing support to clients within the scope of audits conducted by Roskomnadzor.

  • Analysing a company's personal data information systems, and advising on ways to meet the requirements for the localisation of databases.

  • Providing legal support when liaising with Roskomnadzor and data subjects, and drafting responses to enquiries by Roskomnadzor or data subjects.

  • Providing one-time consultations on any issues associated with the processing of personal data.

  • Preparing recommendations for the person responsible for the processing of personal data.

  • Developing and providing training on personal data for the company's staff.

  • DPO legal support on a subscription basis at favourable rates.

  • Advising on GDPR issues.

  • Legal design of documents (such as the confidentiality policy, terms of service, a public offer, etc.).


 Why you can trust us   

  • The experience of implementing projects associated with protecting personal data, conducting an audit of personal data in companies with over 5,000 employees (transport and logistics companies, mobile operators, plants, stock exchanges, pharmaceutical companies, global companies, etc.)

  • Long-standing experience of participating in audits arranged by Roskomnadzor.

  • Unique skills in conducting complex reviews of internal documentation in terms of whether it complies with the requirements of the Law “On personal data”.

  • Pepeliaev Group’s experts are engaged to perform a double check and draft an alternative opinion.

  • Our firm’s experts regularly conduct field-specific events relating to personal data that are recognised by many of our clients as the best on the market. We feature in the Pravo 300 ratings.


Our strengths

Specialists of the level of associate and head of the group are involved in project work.

  • We guarantee that all information gathered during an audit of the processing of personal data will be full and accurate, taking into account that specialists of the level of associate and head of the group will be working on the project at all stages, in contrast to widespread practice on the market when junior level specialists provide services.

  • We do not use template approaches: we attentively review the client’s needs and provide it with a tailored solution.

  • We do not limit ourselves to a theoretical approach to the client’s request: we propose to clients relevant solutions that are applicable in practice.

  • We communicate a great deal with clients, and know the real current practice in terms of issues concerning the protection of information and personal data.

  • We constantly develop our expertise and know the current approaches of supervisory bodies with regard to compliance issues.

Projects

Assessed issues and risks connected with the implementation of a telematics system
The experts of our practice have advised a client on installing a telematics system on corporate cars made available to employees. 
Read more
Complex analysis of an access control and management system and bringing it in line with current legislation
The lawyers of the practice advised a major international company in connection with the enactment of Federal Law No. 572-FZ dated 29 December 2022 “On identifying and/or authenticating individuals using biometric personal data, on amending certain legislative instruments of the Russian Federation and on repealing certain provisions of legislative instruments of the Russian Federation” (“572-FZ”).
Read more
Other projects

By continuing to view this website, you agree with cookie files and other Internet statistics and configuration methods, means and tools being used that are applied on the website to make it more user friendly as well as, in certain cases, to promote the work and services of Pepeliaev Group and to provide information about upcoming events.

Details