Uzbekistan Personal Data Protection Law
View Law TextMaximum Fine
100 BCU
Scope
National
Regulator
State Authority
Status
Active
Need Help with Uzbekistan Personal Data Protection Law Compliance?
Get expert guidance on implementing Uzbekistan's data protection requirements and ensuring ongoing compliance for your organization.
Get Expert HelpOverview
Uzbekistan's Personal Data Protection Law establishes requirements for the protection of personal data and individual privacy rights.
Key Facts
- National data protection law
- State registration required
- Security measures mandatory
- Rights protection framework
- Administrative enforcement
Key Principles
Lawful Processing
Requirements for lawful data processing.
Requirements
- Legal basis required
- Purpose specification
- Data minimization
- Storage limitation
- Processing restrictions
Examples
- Legal basis documentation
- Purpose records
- Processing logs
- Storage policies
Transparency
Requirements for transparent data processing.
Requirements
- Clear privacy notices
- Processing information
- Rights notifications
- Contact details
- Processing purposes
Examples
- Privacy policies
- Information notices
- Rights documents
- Contact information
Data Security
Security requirements for data protection.
Requirements
- Technical measures
- Organizational measures
- Access controls
- Security policies
- Incident handling
Examples
- Security measures
- Access procedures
- Incident plans
- Security policies
Compliance Requirements
State Registration
Requirements for state registration of information systems.
Implementation Steps
- Identify registrable systems
- Prepare documentation
- Submit registration
- Maintain records
- Update as needed
Required Documentation
- Registration forms
- System inventory
- Documentation records
- Update procedures
- Maintenance logs
Data Protection Measures
Required measures for protecting personal data.
Implementation Steps
- Implement security measures
- Train personnel
- Monitor access
- Document procedures
- Regular reviews
Required Documentation
- Security policies
- Training materials
- Access logs
- Procedure documents
- Review reports
Rights Handling
Procedures for handling data subject rights.
Implementation Steps
- Establish procedures
- Implement systems
- Train staff
- Document requests
- Monitor compliance
Required Documentation
- Rights procedures
- Response templates
- Training materials
- Request logs
- Compliance records
Enforcement & Penalties
State Authority Enforcement
Enforcement by the State Authority for Personal Data Protection.
Penalty Categories
Administrative Fines
Up to 100 BCU
For violations of the law
Corrective Measures
Varies
Including orders and suspensions
Example Cases
Registration Violation
50 BCU
2023 - Failure to register information systems
Security Breach
75 BCU
2023 - Inadequate security measures