GDPR and privacy in Russia

On 25 May 2018 the General Data Protection Regulation has taken effect in the Netherlands, It is an important step towards the unity of privacy legislation within all European member states. But the GDPR can reach even beyond the borders of the EU (plus some countries of the EEA). The GDPR applies to personal data of all citizens in the EU, even if these data are processed outside the EU.
For example, processing outside the EU takes place when you use Russian software developers who have access to data from EU citizens. Or when the payroll administration of your Dutch/European employees in Russia is done by a local Russian party. In that case, ambiguities and conflicts may arise between the Russian legislation and the requirements of the GDPR. In addition, the GDPR requires safeguards for transfer of data to foreign countries. Only in  countries designated by the European Commission protection of personal data is considered to be adequate. In other cases, the exporter of data and the importer/recipient abroad have to provide additional safeguards, according to model contracts or binding corporate rules established by the Commission or agreements approved by the supervisory authorities.

In short, a whole new area of ​​legislation, where practice that still has to take shape. We have specialists in our team, who can explain the similarities and differences between GDPR and Russian privacy legislation and help you provide adequate safeguards as required by GDPR.

Do you have a legal question regarding Russia?

+31 6 464 17 838

Our team is available on weekdays from 9:00 am to 6:00 pm.

Contact form
12 july 2021

Changes in Russian migration legislation


As of 29 December 2021, important changes in Russian migration legislation will enter into force.


Juralink Ukraine
Juralink Belarus

+375 29 684 8085

Our partners