Legal and safe
We will ensure compliance with the laws and regulations regarding personal data, protect information systems, help to pass security checks by regulatory authorities.
Simply speaking, personal data is any information on natural persons: contact details, personnel files, access control data, medical history, user accounts, social media pages, etc.

Processing of personal data of Russian citizens is subject to Federal Law #152- FZ dated by 27.07.2006.

Personal data protection

We provide all services within the framework of FZ-152.
Organizational measures and documentation
An action plan for your company to achieve compliance with the laws and regulations regarding personal data processing.
Personal data protection
Risk analysis, threat modelling and development of a security system, selection and implementation of solutions for personal data protection.
Representation during inspections
Qualified assistance in passing inspections minimizes the likelihood of sanctions against business executives and the company itself.
Individual approach
To comply with the minimum standards or to be guided by the risk level?
It is up to you to make decisions in terms of personal data protection. Our task is to help you, whichever way you choose.

Before we make our proposal, we discuss several alternative approaches, explain to you pros and cons of each of them, and help you make a choice.
For companies doing business in the European Union* countries, we offer services with regard to the General Data Protection Regulation (GDPR):

 — GDPR compliance audit;
 — achieving compliance with the GDPR;
 — ensuring compliance with both FZ-152 and GPDR.
GDPR, EU
*To put it simply, GDPR applies to all Russian companies offering their goods and services to people located in the European Union countries. We can provide you with more detailed information upon request.

Pricing

The final cost of our services is calculated individually depending on how complicated the project is and the amount of work we have to carry out.
Organizational and administrative documentation
Development of action plan for achieving compliance with laws and regulations regarding personal data processing (in the form of documentation).
starting at ₽300,000.
Security system description
Development of a brief description of the information system, main threats and security methods. It is an alternative to full information security system development.
starting at ₽200,000
Security project
Development of Information security system. It includes threat-modelling, selection of solutions and security measures, development of security project plan documentation.
starting at ₽400,000
Risk assessment
Identification and assessment of all possible negative scenarios related to personal data processing (leakage, destruction, etc.), and development of a risk minimization plan.
starting at ₽600 000
Support during inspections
Support, assistance and representation during inspections conducted by regulatory authorities in terms of compliance with laws and regulations regarding personal data.
free of charge
Специальные условия
We can provide assistance during regulatory checks with regard to compliance with personal data standards free of charge as a guarantee commitment upon timely order of full-range services in terms of personal data protection.
* Services for support of regulatory authority inspections with regard to compliance with the personal data legislation may be provided free of charge as warranty obligations upon timely order of a package of works on the personal data protection.
All prices include VAT. The information on this web page is not a public offer.

Benefits of partnering with Acribia

Hands-on experience in passing inspections
We have hands-on experience of assisting companies during regulatory checks by authorities, which gives us a huge competitive edge.
Guarantees in the event of inspections
Upon timely order of our services regarding personal data protection, we commit to assisting you during a compliance inspection under the terms of guarantee.
Instructions and templates for all possible occasions
We provide a detailed instruction on interaction with Roskomnadzor (the Federal Service for Supervision of Communications, Information Technology and Mass Media), templates of responses to requests made by government authorities, logbook forms, sample data processing agreements and a lot more.
Over seven years of experience on the personal data protection market. Dozens of projects carried out for companies specializing in different areas.

We offer custom-built solutions under exclusive conditions.

Contact us

Please fill out our form, and we'll get in touch as soon as possible
Contact us for more information
Your contact details will be treated as strictly confidential
By clicking submit, you agree to the Acribia Terms and Conditions & Privacy Policy.
Is it relevant to you?
Below are the most common misconceptions related to personal data processing.
Myth:
My enterprise is not a personal data controller
In fact:
At the moment laws and regulations stipulate that all legal entities, regardless of form of ownership and industry, are data controllers. Employment contracts, job candidates' CVs, sick notes, information about employees' family members and, strictly speaking, even employees' contact details — all these are considered personal data and are processed in all enterprises.
Myth:
The cost of third-party services is much higher than fines, so it is easier to pay a fine.
In fact:
In 2017 fines for violations in the personal data processing increased considerably. What is more, you can be liable for several violations at once, in which case the fine can add up to several hundred thousand rubles. Yet, it’s not the worst thing. Even after you pay the fine, you will still have to ensure compliance with the requirements. In other words, in case a violation is detected, you will have to both pay a fine and achieve compliance with the laws and regulations regarding personal data processing.
Myth:
Our personal data is stored in a secure certified cloud, so the problem is solved.
In fact:
According to Federal Law No. 152, the data controller is responsible for protection of personal data even if a third party processes data on behalf of the controller (in this case data controller means natural or legal person on whose behalf data is processed). It’s great if you store and process personal data in a secure cloud. However, it does not exempt you from the obligation to be compliant with the laws and regulations.
Still not sure?
Read what our customers say about us. Find out what our strengths are and take a look at the list of our existing customers.