Do I need a privacy policy for a simple information site?

I

ingenerdsm2020-05-18 21:33:51

Law in IT

ingenerdsm, 2020-05-18 21:33:51

Hello,
1) Tell me, do you need a privacy policy for a simple information site?
The site has the ability to register, which indicates the following:
1 - Username
2 - Password
3 - E-mail (to confirm registration).
Thus, the user receives a personal page like site.ru/user/login, where all his comments and current rating are located.

There is also a feedback form where you must specify the name and e-mail.

2) What is the responsibility for the absence of a privacy policy for such a resource? Maybe you know precedents?

3) I would be grateful for examples of the correct (in your opinion) privacy policy for simple article sites.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

L

Legal Adviser, 2020-05-18
@ingenerdsm

1. Need.
2. Up to the criminal. Legs grow from

Federal Law of July 27, 2006 N 152-FZ (as amended on December 31, 2017) "On Personal Data"
Federal Law of July 27, 2006 N 149-FZ (as amended on April 3, 2020) "On Information, Information Technologies and Protection information"

3. example of NTV plus
2.1.

1. Persons guilty of violating the requirements of this Federal Law shall bear liability provided for by the legislation of the Russian Federation.
(As amended by Federal Law No. 261-FZ of July 25, 2011
) in accordance with this Federal Law, is subject to compensation in accordance with the legislation of the Russian Federation. Compensation for moral damage is carried out regardless of compensation for property damage and losses incurred by the subject of personal data.

Liability for offenses in the field of information, information technology and information protection

1. Violation of the requirements of this Federal Law entails disciplinary, civil, administrative or criminal liability in accordance with the legislation of the Russian Federation.
1.1. Persons guilty of violating the requirements of Article 14.1 of this Federal Law regarding the processing, including collection and storage, of biometric personal data shall bear administrative, civil and criminal liability in accordance with the legislation of the Russian Federation.
(Part 1.1 was introduced by Federal Law No. 482-FZ of December 31, 2017)
2. Persons whose rights and legitimate interests have been violated in connection with the disclosure of restricted information or other unlawful use of such information shall have the right to apply in accordance with the established procedure for judicial protection of their rights, including claims for damages, compensation for moral damage, protection honor, dignity and business reputation. The claim for damages cannot be satisfied if it is presented by a person who did not take measures to maintain the confidentiality of information or who violated the information protection requirements established by the legislation of the Russian Federation, if the adoption of these measures and compliance with such requirements were the duties of this person.
3. If the distribution of certain information is restricted or prohibited by federal laws, the person providing the services shall not bear civil liability for the dissemination of such information:
1) either for the transmission of information provided by another person, provided that it is transmitted without changes and corrections;
2) either for storing information and providing access to it, provided that this person could not know about the illegality of dissemination of information.
4. The hosting provider, the telecom operator and the owner of the site on the Internet are not liable to the copyright holder and to the user for restricting access to information and (or) restricting its distribution in accordance with the requirements of this Federal Law.