Order of the Minister of digital development, innovations and the aerospace industry of the Republic of Kazakhstan "About approval of Rules of implementation by the owner and (or) operator, and also the third party of measures on

ORDER OF THE MINISTER OF DIGITAL DEVELOPMENT, INNOVATIONS AND AEROSPACE INDUSTRY OF THE REPUBLIC OF KAZAKHSTAN

of June 12, 2023 No. 179/Tax Code

About approval of Rules of implementation by the owner and (or) operator, and also the third party of measures for personal data protection

(as amended on 19-09-2024)

According to subitem 2-3) of Item 1 of article 27-1 of the Law of the Republic of Kazakhstan "About personal data and their protection" and the subitem 373) of Item 15 of the Regulations on the Ministry of the digital development, innovations and the aerospace industry of the Republic of Kazakhstan approved by the order of the Government of the Republic of Kazakhstan of July 12, 2019 No. 501, I ORDER:

1. Approve the enclosed Rules of implementation by the owner and (or) operator, and also the third party of measures for personal data protection.

2. To provide to committee on information security of the Ministry of digital development, innovations and aerospace industry of the Republic of Kazakhstan:

1) state registration of this order in the Ministry of Justice of the Republic of Kazakhstan;

2) placement of this order on Internet resource of the Ministry of digital development, innovations and the aerospace industry of the Republic of Kazakhstan;

3) within ten working days after state registration of this order in the Ministry of Justice of the Republic of Kazakhstan submission to Legal department of the Ministry of digital development, innovations and the aerospace industry of the Republic of Kazakhstan of data on execution of the actions provided by subitems 1) and 2) of this Item.

3. To impose control of execution of this order on the supervising vice-minister of digital development, innovations and the aerospace industry of the Republic of Kazakhstan.

4. This order becomes effective after ten calendar days after day of its first official publication.

Minister of digital development, innovations and aerospace industry of the Republic of Kazakhstan

B. Musin

Approved by the Order of the Minister of digital development, innovations and the aerospace industry of the Republic of Kazakhstan of June 12, 2023 No. 179/Tax Code

Rules of implementation by the owner and (or) operator, and also the third party of measures for personal data protection

Chapter 1. General provisions

1. These rules of implementation by the owner and (or) operator, and also the third party of measures for personal data protection (further - Rules) are developed according to subitem 2-3) of Item 1 of article 27-1 of the Law of the Republic of Kazakhstan "About personal data and their protection" (further - the Law) and the subitem 373) of Item 15 of the Regulations on the Ministry of the digital development, innovations and the aerospace industry of the Republic of Kazakhstan approved by the order of the Government of the Republic of Kazakhstan of July 12, 2019 No. 501 and determine procedure the owner and (or) the operator, and also the third party of measures for personal data protection.

2. In these rules the following basic concepts are used:

1) personal data - the data relating to the subject of personal data determined or determined on their basis, fixed on electronic, paper and (or) other material medium;

2) blocking of personal data - actions for the temporary termination of collection, accumulating, change, amendment, use, distribution, depersonalization and destruction of personal data;

3) collection of personal data - the actions directed to receipt of personal data;

4) destruction of personal data - actions as a result of which making it is impossible to recover personal data;

5) depersonalization of personal data - actions as a result of which making determination of accessory of personal data is impossible for the subject of personal data;

6) the base containing personal data (further - base) - set of the arranged personal data;

7) the owner of the base containing personal data (further - the owner) - the state body, the physical and (or) legal entity exercising right of possession, uses and orders of the base containing personal data according to the laws of the Republic of Kazakhstan;

8) the operator of the base containing personal data (further - the operator) - the state body, the physical and (or) legal entity performing collection, processing and personal data protection;

9) personal data protection - package of measures, including legal, organizational and technical, performed for the purpose of, established by the Law;

10) authorized body in the field of personal data protection (further - authorized body) - the central executive body performing management in the field of personal data protection;

11) personal data processing - the actions directed to accumulating, storage, change, amendment, use, distribution, depersonalization, blocking and destruction of personal data;

12) violation of safety of personal data - the security violation of personal data which entailed illegal distribution, change, and destruction, unauthorized distribution transferred, stored or otherwise the processed personal data or illegal access to them;

13) the subject of personal data (further - the subject) - physical person to which personal data belong;

14) public personal data - personal data or data to which according to the laws of the Republic of Kazakhstan requirements of maintaining confidentiality, access to which is free with the consent of the subject, do not extend;

15) personal data of limited access - personal data, access to which is limited by the legislation of the Republic of Kazakhstan;

16) the third party - person which is not the subject, the owner and (or) the operator, but related circumstances or legal relationship on collection, processing and personal data protection;

17) electronic information resources - the data in electronic and digital form containing on the electronic medium and in objects of informatization;

18) inspection of ensuring security of processes of storage, processing and distribution of the personal data of limited access containing in electronic information resources (further - inspection), - assessment of the applied security measures and protective actions when implementing processing, storage, distribution and personal data protection of limited access containing in electronic information resources.

Other concepts used in these rules are applied according to the Law and the Law of the Republic of Kazakhstan "About informatization".

Warning!!!

This is not a full text of document! Document shown in Demo mode!

If you have active License, please Login, or get License for Full Access.

With Full access you can get: full text of document, original text of document in Russian, attachments (if exist) and see History and Statistics of your work.

Get License for Full Access Now

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info

Effectively work with search system

Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system

Get help

If you cannot find the required document, or you do not know where to begin, go to Help section.

In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.

You also may open the section Frequently asked questions. This section provides answers to questions set by users.