Designed by Freepik
On February 11, Acsour hosted a webinar on one of the most critical topics for business — personal data processing. Together with our experts, Elena Fatkulina and Ivan Lyukshin, participants explored why appointing a data protection officer and signing a privacy policy are no longer sufficient.
The discussion was both comprehensive and highly practical. Our experts clarified what constitutes personal data under current regulations and why the scope of this definition continues to expand. A key focus was the critical distinction between a data operator and a data processor — a difference that directly determines a company's scope of liability and the scale of potential penalties.
Participants learned how to build a data processing framework from scratch or restructure existing processes — from obtaining consents to the proper disposal of information. A significant part of the session was dedicated to real-world compliance mistakes companies make in their daily operations and, more importantly, how to avoid them. Our experts also shared which technical and organizational security measures genuinely stand up to Roskomnadzor inspections.
The review of current court practice drew particular attention. Through real case studies, we examined the most frequent grounds for fines, reminded attendees that penalties for violations of Federal Law No. 152-FZ now exceed 18 million rubles, and noted that regulatory oversight is only intensifying.
Attendees' key questions addressed during the session:
1.Which types of data are most commonly and mistakenly not classified as personal data, despite legally being so?
2.Are the following considered personal data:
4.What violations is Roskomnadzor currently identifying most frequently?
5.Is obtaining consent always mandatory, or are there alternatives?
6.Who within a company should be responsible for personal data: the legal department, information security, HR, or a dedicated DPO?
The discussion was both comprehensive and highly practical. Our experts clarified what constitutes personal data under current regulations and why the scope of this definition continues to expand. A key focus was the critical distinction between a data operator and a data processor — a difference that directly determines a company's scope of liability and the scale of potential penalties.
Participants learned how to build a data processing framework from scratch or restructure existing processes — from obtaining consents to the proper disposal of information. A significant part of the session was dedicated to real-world compliance mistakes companies make in their daily operations and, more importantly, how to avoid them. Our experts also shared which technical and organizational security measures genuinely stand up to Roskomnadzor inspections.
The review of current court practice drew particular attention. Through real case studies, we examined the most frequent grounds for fines, reminded attendees that penalties for violations of Federal Law No. 152-FZ now exceed 18 million rubles, and noted that regulatory oversight is only intensifying.
Attendees' key questions addressed during the session:
1.Which types of data are most commonly and mistakenly not classified as personal data, despite legally being so?
2.Are the following considered personal data:
- Corporate email addresses in the format name@company.ru?
- Nicknames in messengers and social media?
- IP addresses and cookies?
4.What violations is Roskomnadzor currently identifying most frequently?
5.Is obtaining consent always mandatory, or are there alternatives?
6.Who within a company should be responsible for personal data: the legal department, information security, HR, or a dedicated DPO?
The topic proved so high in demand that some participants' questions — requiring an individual approach — remained beyond the webinar's scope. As a special bonus, we are offering a free 30-minute consultation with our experts to address your company's specific situation.
We regularly host events on the most recent developments in legislation, taxation, HR administration, and international business. Stay tuned for announcements on our website and in our email newsletters — we look forward to seeing you again. To request the webinar materials, please fill out the form:
We regularly host events on the most recent developments in legislation, taxation, HR administration, and international business. Stay tuned for announcements on our website and in our email newsletters — we look forward to seeing you again. To request the webinar materials, please fill out the form:
