Platform

Ensures initial personal data processing in a data center in Russia and subsequent cross-border, subject to the provisions of personal data consent

platform_en.png

Legal compliance

Personal data processing with the use of a data center located in Russia

  • Rostelecom data center in Moscow or customer’s premises

  • Compliance with technical requirements of FSTEK and FSB

Automated collection of personal data processing consent

  • Consent is given in the electronic or written form

  • The consent form complies with the requirements of the Federal Law and includes a clause on cross-border data transfer

Cross-border personal data transfer with subject's consent

  • Data is transferred from a local data center to the cloud via API

  • Personal data changes in a local database are synchronized with the cloud

Information security

Personal data is stored in the Tier III (TIA-942) secure infrastructure of Rostelecom data center.

Personal data is stored and processed in compliance with technical requirements of FSTEK and FSB. Technical protection of confidential information and certification of 4th security class.

Personal data is encrypted with encryption keys which are stored in RAM. Encryption key management system complies with FIPS 140-2.

 

Data transfer between systems and user forms is encrypted using TLS 1.2 and a key complexity of 128b and more.

The platform is protected against OWASP TOP 10 vulnerabilities. The platform’s application components  are regularly updated to ensure a high level of security.

SIEM (Security information and event management) provides rapid detection, response and control of information security incidents.