Starting September 1, 2025, new rules will apply to how companies handle anonymized personal data in Russia. If you’re an employer or responsible for managing personal data, it’s important to understand what’s changing and what you’ll need to do to stay compliant.
From this date, companies that collect and process personal data must be ready to provide a list of anonymized personal data to the Ministry of Digital Development, Communications and Mass Media. This list will be used to build a secure State Information System (SIS) that holds anonymous data for public use.
The Ministry may send a formal request asking for this information. When that happens, your company must:
Once the data is submitted, it will be stored in a way that makes it impossible to reverse or recover personal identities.
To protect privacy and national security, the anonymized data in the SIS cannot be shared with:
If your business handles personal data, now is a good time to:
Staying ahead of these changes will help you avoid penalties and keep your data practices in line with the law.
Easy to start,
intuitive to use