GDPR: working with Personal data
With the rapid development of business on the Internet, including in Ukraine, a real legal settlement of the issues of personal data protection by preventive means and compensation damage for their violation is necessary. This issue is particularly relevant for those companies that have access to personal data of EU citizens and where the number of employees is more than 250 people (small and medium-sized enterprises are not required to keep records of data in most cases stipulated by Art. 30.5 GDPR). The main conditions for the collection, storage and distribution of personal data and the liability for violation of personal data are provided for by the Law of Ukraine “On the protection of personal data” of 01.06.2010, No. 2297-VI (Law No. 2297-VI). Also, the responsibility for violation of personal data is provided in Art. 182 of the Criminal Code of Ukraine, in Art. 188-39 of the Code of Administrative Offenses of Ukraine. On April 26, 2017, the European Court of Human Rights ruled in plaintiff’s favor for the protection of his personal data, with a reimbursement of EUR 6,000 for non-pecuniary damage, referring, inter alia, to the Convention for the Protection of...