General Data Protection Regulation (GDPR)

The GDPR regulates how personal data is collected and processed for individuals in the European Economic Zone. Designed to enhance personal data protection, it is the legal bedrock ensuring transparency for data collection, storage, and processing.

Yandex Cloud currently meets all key GDPR requirements. From receiving, modifying, and deleting personal data to comprehensive measures protecting the data we hold, we’re completely committed to privacy, with procedures in place for informing our customers when incidents occur.

Other certificates and standards

card-image

Federal Law 152-FZ

The federal law regulating how personal data is stored and processed.

card-image

ISO

A global system of quality standards developed by the International Organization for Standardization.

card-image

PCI

Standards for secure usage of credit cards from the Payment Card Industry Security Standards Council.

card-image

GOST R 57580

The Russian national security standard for banking and financial operations, required for all credit and non-credit financial organizations.

card-image

Cloud Security Alliance

An international organization promoting IS best practices for cloud services.

card-image

Register of Russian Software

The unified register of Russian software programs.