| Developers: | 1OPD, 1OPD (Discounto) |
| Technology: | DSS |
1OPD Platform is a platform for the secure storage and management of your customers' personal data in full compliance with 152-FZ.
2025: Entry into the register of Russian software
1OPD, 1OPD (Discounto) on June 25, 2025 announced the introduction of Russian software into the register.
1OPD is a service that helps close the issue of working with personal data "turnkey." The 1OPD team has high expertise and provides high-quality legal support, as well as a convenient platform for storing and managing personal data.
 | Adding our company to the register of domestic software is an important step that opens up opportunities for cooperation with government agencies and business. We are confident that our solutions will help increase the efficiency of organizations and meet modern data protection requirements. Especially after the law on personal data, which entered into force on May 30, 2025. " said managing partner of the 1OPD Marina Aleksandrovskaya.
|  |
On May 30, 2025, the revision of Art. 13.11 of the Code of Administrative Offenses aimed at toughening liability for violations in the field of personal data processing, including negotiable fines for personal data leaks. Now companies will pay a percentage of revenue if there are serious violations that caused a leak. In the event of a repeated data leak, the fine can be up to 3% of the revenue for the previous year, but at least 20 million rubles.
Here are the main steps and tips from 1OPD experts to help companies avoid breaking the new rules, which began to operate on May 30:
1. Audit current processes: understand where, how PDs are collected, who has access to them, how they are stored and protected, whether all the necessary documents are developed and correctly placed. The ideal option is when the company already has all the specialists necessary for this. If not, it is worth turning to specialized companies that will help with this.
2. Appoint a PD Officer (DPO) and update the PD Processing Policy Order (unless previously done).
3. Confirm localization of data storage in the Russian Federation.
4. Submit a notice to, Roskomnadzor notify separately of cross-border transfer, if any.
5. Ensure correct consent to PD processing: especially if a site or other online forms are used to collect PD.
6. Set up procedures for notifying Roskomnadzor of incidents (within 24 hours from the moment of detection).
If there is a leak, then companies need to:
- Immediately record the incident by internal means (log, act, screenshots).
- Within 24 hours notify Roskomnadzor (in electronic form or on paper).
- Take measures to minimize the consequences: disabling access, blocking compromised services, notifying customers.
- Send an additional notification to Roskomnadzor about the results of the internal investigation, including information about the causes, the volume of the leak and the measures taken - within 72 hours.
- In certain situations, inform your partners. Although there is no direct and universal requirement to notify counterparties in 152-FZ, it arises from a set of obligations, for example, if a company transfers personal data to third parties (for example, contractors, marketing agencies, IT services).
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |