On 1 June 2010 Ukrainian Parliament has finally adopted the Law
On Personal Data Protection (the
"Law"). The Law will become
effective from the 1st of January 2011.
The Law offers protection of personal data collected,
accumulated, processed and used for other than private and/or
certain professional needs.
The Law expressly exempts from its ambit the instances of the
creation of the personal data databases and processing of the
personal data in such databases by (i) individuals for their
personal or household needs; (ii) journalists in connection with
their professional activities; and (iii) professional artists,
writers and similar persons for purposes of their creative
The Law introduces a definition of personal data as any data or
combination thereof on the identified or identifiable
Any personal data (except for the depersonalized one) is deemed
to be the information with restricted access and may not be
processed without the consent of the individual concerned except
for the cases (i) when it is explicitly provided for by law, and
(ii) where the data is necessary for the purposes of maintaining
national security, economic welfare and for the protection of human
Furthermore, any personal data on the individual who is willing
to occupy any public office within the system of the national
government is not deemed the information with restricted
In addition, the Law prohibits disseminating personal data for
any purpose other than for purpose of the original collection of
Significantly, it is explicitly prohibited to process personal
data related to the racial or ethnic origin, political, religious
or philosophical beliefs, political-party or trade-union
membership, as well as processing of data concerning health or sex
life, unless carried out pursuant to the unambiguous consent of the
data subject or in other cases explicitly provided for by the
The Law further sets out mandatory requirement to register any
personal data database in the State Register of the Personal Data
Databases. For that reason, a separate state authority is yet to be
created by the government.
Law: Law of Ukraine on Personal Data Protection, dated 1
June 2010, No. 2297-VI.
This article was written for Law-Now, CMS Cameron
McKenna's free online information service. To register for
Law-Now, please go to www.law-now.com/law-now/mondaq
Law-Now information is for general purposes and guidance
only. The information and opinions expressed in all Law-Now
articles are not necessarily comprehensive and do not purport to
give professional or legal advice. All Law-Now information relates
to circumstances prevailing at the date of its original publication
and may not have been updated to reflect subsequent
The original publication date for this article was
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
With new notification requirements and a risk of increased fines, the GDPR will require organisations based in or with operations inside the EU, to adhere to a new regulatory framework in the event of a data breach.
Compromised data compromises goodwill. As the public wakes up to how much of its data is in circulation, how long it can be stored and how much value it has, they are rightly demanding that it be properly secured.
Only a couple of weeks after the EU General Data Protection Regulation entered into force, the independent consulting company ePrivacy has brought two data protection seals to market...
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).