Ukraine
as information or a set of information on a natural person who is, or may be, explicitly identified. 3.1.2. Definition of different categories of personal data The PDP Law contains special requirements for processing certain personal data that constitutes a special risk to the rights and freedoms of data subjects (“Special Risk Data”). Under the PDP Law, the Special Risk Data includes personal data on racial or ethnic origin, political, religious or philosophical beliefs, membership in political parties and trade unions, criminal convictions, health, sex life, biometric, and genetic data. The Procedure on Special Risk Data expands the list of Special Risk Data provided by the PDP Law and includes personal data about national origin, membership in political organisations, religious organisations or public organisations with an ideological orientation, being brought to administrative or criminal liability, application of measures to a person within the framework of a pre-trial investigation, the taking of measures against a person provided for by the Law of Ukraine on Operative Investigation Activity, committing certain types of violence against a person, location and/or routes of movement of the person. 3.1.3. Treatment of data and its different categories Personal data processing is defined under the PDP Law as any operation
or set of operations, such as collection, recording, accumulation, storage, adaptation, alteration, renewal, use and distribution (dissemination, realisation, transmission), depersonalisation, destruction of personal data, including with the use of information (automated) systems. Personal data must be accurate, reliable and updated as necessary for the purpose of its processing. The composition and content of personal data must be appropriate, adequate and not excessive in relation to the purpose of its processing. The processing of personal data is carried out for specific and lawful purposes, determined by the consent of the personal data subject or in cases provided for by the laws of Ukraine, in the manner established by the legislation. It is not allowed to process the personal data of a natural person without his/her consent if such data is confidential information, except for those cases determined by law, and only in the interests of national security, economic welfare, and human rights. The procedures for processing, timeline of processing and composition of personal data must be proportional to the purpose of processing. The purpose of personal data processing must be explicit, legitimate and determined before collection begins. If a specific purpose for personal data processing is changed to a new purpose that is incompatible with
https://www.peterkapartner s.com/en/local/kyiv/
Made with FlippingBook - PDF hosting