You have Cookie disabled in your browser. Displaying the site will be incorrect!
en de

In order to comply with all the requirements of Russian laws for the processing and protection of personal data, it must be placed in a protected circuit.

Our cloud infrastructure is a segment of the cloud with specialized protection tools, a full package of documents, and a set of services to comply with the requirements of regulators under 152-FZ.

Technical advantages of the 152-FZ Cloud
Business opportunities with the 152-FZ Cloud
Data centers that meet the requirements of 152-FZ
  • — Active locations
  • — Planned locations
Tools we use to protect personal data
Important to know about 152-FZ
What does the Law “On Personal Data” say?

The Federal Law “On Personal Data” dated July 27, 2006 No. 152-FZ (with amendments 242-FZ dated July 21, 2014) requires the localization of personal data (PD) of Russian citizens on the territory of Russia. This means that a company that works with Russian clients must ensure the recording, systematization, accumulation, storage, and refinement of the personal data of Russian citizens using databases located in the Russian Federation. The law doesn’t forbid the cross-border transfer of personal data of Russian citizens—the operator can transfer information to other countries, however, this data must be simultaneously stored on the territory of the Russian Federation. In addition, when processing PD on the territory of Russia, a company is obliged to comply with a number of requirements related to ensuring the protection of PD (including the use of certain information security tools).

Please note that the very concept of personal data doesn’t only include full names, dates of birth, passport data, and addresses, but any information that relates to a specific person or persons. For example, a phone number itself is not a personal identification number, as it’s not obvious to whom it belongs. But, if we’re talking about any kind of database with the full names of customers and their contact information, then this case falls under the definition of PD.

When is a foreign company subject to this law?

Even if a company doesn’t have a physical presence in Russia, it falls under Russian law if its activities are aimed at the Russian market, as described in the following situations:

  • there is a Russian-language version of the website and/or a Russian domain
  • the customers pay for services or goods in rubles
  • the users see Russian-language advertisements on the website
Who enforces the law?

Roskomnadzor monitors the implementation of the law “On Personal Data”. This office maintains a register of violators and may block websites of companies that violate Russian legislation on personal data. Also, for such violations, fines are established, with the amount depending on the type of violation. Currently, the total amount of fines for violations in the field of personal legislation reaches several million rubles.

What solution is best for foreign companies?

In this situation, the best solution for foreign companies is to employ the services of cloud providers with data centers in Russia. G‑Core Labs is just such a provider.

We provide foreign companies with infrastructure that meets the requirements of Russian legislation. We have our own data centers throughout Russia.

Are you planning to store and process the personal data of your customers and users in Russia?
Take advantage of our 152-FZ cloud infrastructure. Start with a free consultation