In the Era of digitalization, almost all technological solutions (Big data analytics, facial and voice recognition, med tech, e-commerce, etc.) are based on the use of personal data. Although there is a legal framework for the personal data protection in the Republic of Armenia, the strictest regulation in this field is in the European Union, where, starting from 2018, the General Regulation on Personal Data Protection (GDPR) came into force. In case of violation of the rules of collection, storage, use and transfer of personal data, the regulatory authorities of the EU member states may impose monetary sanctions on IT companies.

It is important to note, that these sanctions may apply not only to the companies registered in EU member states, but also to those who conduct their activities in third countries, including the Republic of Armenia, if these companies, in accordance with Article 3 of the GDPR, provide services to persons located in the European Union (regardless of their citizenship) or control their behavior in that area.

To conclude, violation of the provisions of the GDPR supposes not only legal but also significant financial risks for IT companies. Furthermore, if your company is registered in the US state of California, you may be required to comply with the California Consumer Protection Act (CCPA).

Our team is ready to make the best efforts to assure the compliance of your activities with the GDPR as well as the CCPA by providing the following services:

• Drafting company’s privacy policy
• Drafting agreements on the transfer or sale of personal data to partner organizations
• Monitoring compliance of company’s activities with the personal data protection rules
• Providing legal advice on personal data protection issues
• Organizing trainings on personal data protection issues for company’s employees, if necessary