{"id":3327,"date":"2021-05-14T23:03:56","date_gmt":"2021-05-14T20:03:56","guid":{"rendered":"https:\/\/vigolex.net\/?post_type=service&p=3327"},"modified":"2021-12-20T10:25:15","modified_gmt":"2021-12-20T07:25:15","slug":"personal-data-protection-in-ukraine","status":"publish","type":"service","link":"https:\/\/vigolex.net\/en\/project-details\/personal-data-protection-in-ukraine\/","title":{"rendered":"Personal data protection in Ukraine"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

The right to privacy is one of the guaranteed constitutional human rights (Article 32 of the Constitution of Ukraine). Personal data protection, in turn, is its integral part. In Ukraine, legal relations related to the processing of personal data are governed by the Law of Ukraine \u201cOn the Protection of Personal Data\u201d.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t

\n\t\t\t
\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

The\u00a0protection of personal data in Ukraine is a very\u00a0complex\u00a0issue. High-profile scandals and criminal cases involving leaks\u00a0of personal data\u00a0implore\u00a0us to pay attention to the legal and technical side of the processing of information about individuals<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

The law of Ukraine does not contain an exhaustive list of data that are classified as personal, which is natural. Currently, personal data can be recognized according to three criteria:<\/p>

  • information or a sum of information (surname, name, patronymic, passport data, date and place of birth, marital status, bank data, property data);<\/li>
  • of an individual (citizen, foreigner, stateless person, but not about a company or institution);<\/li>
  • data that identify or can be specifically identify (that is, having such data makes it is possible to establish identity of a particular person).<\/li><\/ul>

    Processing<\/strong>\u00a0is any action or set of actions, such as collection, registration, accumulation, storage, adaptation, change, renewal, use and distribution, sale, transfer, depersonalization, destruction of personal data, including using (automated) information systems.<\/p>

    There is a category of\u00a0particularly sensitive data<\/strong>, the processing of which is prohibited. In particular, this is the data on racial or ethnic origin, political, religious or ideological beliefs, membership in political parties and trade unions, the imposition of criminal penalties, as well as data related to health, sexuality, biometric or genetic data.<\/p>

    Of course, there are exceptions to any rule. For example, if the processing is carried out in the presence of an unambiguous consent of an individual for such processing, or this data was clearly published by the subject of personal data, the above prohibition does not apply.<\/p>

    The subjects of legal relations related to personal data are:<\/strong><\/p>

    • subject of personal data \u2013 an individual whose data is processed;<\/li>
    • owner of personal data;<\/li>
    • manager of personal data;<\/li>
    • third party;<\/li>
    • Ukrainian Parliament Commissioner for Human Rights.<\/li><\/ul>

      The owner of personal data<\/strong>\u00a0is a natural or legal person who determines the purpose of processing personal data, establishes the composition of this data and procedures for their processing. The owner can process personal data both independently and entrust it to the manager based on a written agreement.<\/p>

      A personal data controller<\/strong>\u00a0is a natural or legal person who is authorized by the owner of personal data or by law to process this data on behalf of the owner.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

      \n\t\t\t\t
      \n\t\t\t\t\t
      \n\t\t\t\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t
      \n\t\t\t
      \n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t\t
      \n\t\t\t
      \n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t
      \n\t\t\t
      \n\t\t\t\t\t\t\t\t
      \n\t\t\t\t
      \n\t\t\t

      Get a consultation<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
      \n\t\t\t\t
      \n\t\t\t\r\n
      \r\n
      \n

      <\/p>

        <\/ul><\/div>\n
        \n
        \n\n\n\n\n\n\n<\/div>\n
        \n
        \n