The CLS team has many years of experience in solving business tasks in the field of personal data, information security and digital compliance, taking into account the requirements of Russian laws and the laws in foreign jurisdictions.

CLS is a reliable legal partner for clients in a wide range of industries: from IT, e-commerce and FinTech to biotechnology, pharmaceuticals, media, retail, food industry, construction and real estate.

Our Services:

• Audit for compliance with Federal Law 152-FZ:revealing risks in the operator's processing work, audit of web sites and applications, preparation of a report on audit results along with recommendations to address identified risks.
• Development of personal data documentation:preparation of a full set of organizational legal documents in order to comply with Federal Law 152-FZ, elaboration of policies and legal content for web sites and applications, preparation of consent forms for different categories of personal data subjects.
• Consultations on all aspects of working with personal data: localization and cross-border transfer of personal data, data exchange within a group of companies, processing of personal data on digital platforms and applications, use of encryption (cryptography) and other means of information protection, as well as other aspects.
• Interaction with Roskomnadzor and regulatory authorities: support during inspections, preparation of notifications on the processing of personal data and on the intention to carry out cross-border transfer of personal data, preparation of requests to, and responses to requests from, Roskomnadzor, FSTEC and the Central Bank of the Russian Federation.
• Service of the person in charge of organizing personal data processing (external DPO):performing functions of the person in charge of organizing personal data processing and monitoring in the company for compliance of personal data processes.
• Support of cross-border projects in foreign jurisdictions: preparation of necessary documents and policies in accordance with the requirements of a foreign jurisdiction, legal support in projects on launching platforms and web sites abroad, analysis of data transmission routes, development of recommendations on the procedure for cross-border transfer, preparation and submission of regulatory notices.
• Employee training: conducting training events and training for employees working with personal data, developing internal instructions, checklists and manuals for internal use in the company.