Almost all organizations in any country collect personal data about the citizens of their country and, therefore, they are considered as holders (owners) of personal data arrays.

The holders of personal data are state bodies and local governments, as well as legal entities that work with arrays of personal data.

Personal data is information about a specific person, or information using which a specific person can be identified. For example:

  • full name;
  • personal identification number;
  • biometric data;
  • marital status;
  • medical data;
  • other information that can identify a person.

An array of personal data is any set of personal data of an indefinite number of subjects (individuals), regardless of the type of information carrier and the means of their processing used:

  • archives;
  • file cabinets;
  • Information Systems;
  • electronic databases (human resources department of enterprises, accounting and tax accounting), etc.

Thus, any organization that has information about the personal data of individuals is the holder of arrays of personal data.

In accordance with Article 30 of the Law of the Kyrgyz Republic “On Personal Information”, arrays of personal data and holders (owners) of these arrays are subject to mandatory registration with the authorized state body.

Registration is carried out through the Registry of holders (owners) of personal data arrays (hereinafter referred to as the Registry). Filling in this Registry is possible using this link.

Сases of violations

Сases of violations

Recommendations and advices for organizations