RU EN

What are the purposes of personal data processing?

Ivan Mashin
Request a call

Any company that processes personal data must determine the purposes of the processing, since this determines the categories of data that the company can collect. It is also impossible to obtain user consent for processing without goals. Therefore, when prescribing the Privacy Policy, one of the points will be the purposes of processing. You can read about how to correctly determine them in our article.

Contents

Why indicate the purpose of processing personal data? 

In accordance with the Law "On Personal Data" (hereinafter FZ-152), you need to obtain the consent of the person to process personal data (hereinafter referred to as PD). When obtaining consent, you must indicate the purposes of PD processing. In other words, consent cannot be obtained without a specific purpose. Therefore, when drawing up a Privacy Policy and drawing up a mechanism on the site for obtaining consent, you need to think over the goals in advance.

The second case when you come across processing goals is the processing itself. It should happen in accordance with predetermined goals, i.e., you cannot get more data than you need. If your goals differ depending on the subjects of PD, it is necessary to create separate databases. When concluding a loan agreement, the bank asked to indicate the citizen of the persons living with him, as well as minor children. For this he received an order from the authorized body. The court sided with the citizen and indicated that this information does not correspond to the purposes of PD processing, since they are not a party to the loan agreement (А76-5164 / 2016).

When the purposes of processing cease to be relevant, the data must be anonymized or deleted. 

Similar regulation exists in European law. In accordance with Art. 6 of the European Regulation (hereinafter - GDPR), the processing of information is considered lawful if

  • consent is given for one or more specific purposes;
  • the processing is necessary for a legitimate interest pursued by the operator or a third party;
  • other conditions are met. 

However, one way or another, a goal is determined at all points and a target criterion is present, i.e., in the event of a discrepancy between the purpose and the amount of PD, the processing will be declared illegal.

How to determine the purposes of personal data processing 

The purposes of processing depend on:

  • Actual activity. This is a key parameter, since the company receives the PD that it needs to carry out its activities. For example, an online store responsible for delivering a product cannot but ask for the address to which the product needs to be delivered. Therefore, in order to prescribe goals, you need to understand what PD is used for;
  • Functions that the law assigns to a company that carries out such activities. 
  • Business processes, which may differ depending on the structural divisions and groups of PD subjects. 

Destruction of personal data after the implementation of the processing goals

Destruction of PD also refers to the processing process. Destruction suggests that it will be impossible to restore the content in the future. The company is obliged to destroy them:

  • If PD from the subject was obtained illegally or is not needed for predetermined processing purposes. This is often found in contracts with consumers, where he does not have the ability to influence the content of the terms of the contract (contract of adhesion). Courts force companies to delete certain data (А76-5164 / 2016);
  • After reaching the goal of PD processing;
  • If there is a revocation of consent by the subject of PD.

Thus, the purposes of PD processing must be specific, legal and predetermined. To determine them, you need to understand what data you need for your actual activities. Probably, without some data, it will be impossible to provide services. But an unjustified expansion of the list of goals may entail liability for violation of legislation in this area. If you have any questions or you need help with the preparation of the Privacy Policy, please contact A4 Law Firm lawyers.

REMAINED
QUESTIONS?

Актуальные новости и статьи

11January
How to protect your computer game software?
Copyright protection for software and computer games is an issue that lawyers often face in connection with the active development of the gaming industry. Computer games are complex objects of intellectual property. Even if the developer registers a trademark and files a patent, some elements can still be used by third parties. The least protected objects include source code, game characters, music, graphics.
Узнать подробнее
31December
Where to create a cryptocurrency fund: country overview.
Due to the development of cryptocurrencies and the growth of their value, legislators in many countries pay close attention to them and develop appropriate regulation. At the moment, Estonia is one of the most attractive jurisdictions for doing cryptocurrency business.
Узнать подробнее
30December
How to choose the best tax system for a marketplace?
A marketplace is an online platform designed for buying and selling goods. The marketplace acts as an intermediary between the buyer and seller, providing them with a convenient platform for placing goods and buying them.
Узнать подробнее
29December
How to avoid violating copyright when writing FanFiction?
With the development of pop culture, the layer of its influence on society increases. At the time of 2021, there is a huge fan base, divided into societies, depending on their favorite work. Accordingly, in order to express their own creative potential, the fan base expresses it in the form of their own interpretation.
Узнать подробнее
28December
How to profitably use a company in Gibraltar?
Gibraltar is a British Overseas Territory located on the border of Europe and Africa and is an extremely attractive jurisdiction. Gibraltar is currently in the stage of economic growth, attracting a large number of investments from all over the world. Also, this jurisdiction is considered one jurisdiction with a high level of confidentiality and a fairly moderate tax regime. The first step in transferring your assets to Gibraltar is to set up a company. This is quite simple to do compared to other offshore jurisdictions.
Узнать подробнее
27December
Deposit as a way to protect copyright
In the legislation of the Russian Federation, there is no mandatory requirement for registration of copyright. Copyright arises at the time of creation of the object, therefore, there is no obligation to legally enforce the right. Despite this, attribution disputes are not uncommon for courts, and a deposit procedure exists to avoid lengthy litigation.
Узнать подробнее
24December
How to conclude a contract for the development of a website?
In connection with the general transition to online, business owners are increasingly faced with the need to create a website. Online business presentation increases your sales and brand awareness. At the same time, you should take a responsible attitude to the legal registration of relations with the developers of the site, since mistakes in drawing up a contract can lead to extremely negative consequences.
Узнать подробнее
23December
How to avoid site blocking?
When deciding to block a site, government agencies are required to act in accordance with Federal Law No. 149. This law provides a large number of grounds for blocking any resource. Article 15.1 149-FZ and Decree of the Government of the Russian Federation of October 26, 2012 No. 1101 establish a list of bodies authorized to make a decision on blocking a site, and also introduces a register of sites containing information prohibited in Russia. Any resource for which such a decision has been made is included in this register. Inclusion of a site in such a register means restricting access to it in Russia. Internet providers rely on this registry and, when any site gets there, they suspend access to it.
Узнать подробнее
NEWSLETTER SUBSCRIPTION
By pressing the subscribe button I agree to the  Privacy Policy
+7 (499) 841-05-05
telegram whatsapp
RU EN
a4lawfirm.ru
г.Москва г. Москва, Новоданиловская наб., дом 6, корп. 1, БЦ "Данилов плаза" +7 (499) 841-05-05 info@a4lawfirm.ru