Compliance with S3 152-FZ
S3 complies with the requirements of Federal Law No. 152-FZ "On Personal Data" — you can store and process users' personal data of the first level of security (UZ-1).
In addition to S3, Selectel's cloud platform products meet the requirements for the first security level:
- Cloud servers, disks, networks, images, scheduled backups, load balancers;
- Managed Kubernetes;
- Cloud databases;
- Container Registry.
If mandatory attestation or infrastructure isolation is required, locate in an attested segment of the data center.
Areas of responsibility
Responsibility for the information security of personal data and compliance with legal requirements is shared between Selectel and the user.
The list of security measures and more detailed information on the areas of responsibility can be found in Annex 1 and Annex 2 to the Act of assessment of the effectiveness of the measures taken to ensure the security of personal data for the first level of protection.
User
The user is responsible for managing access to the bucket where objects are stored: creating user accounts and assigning access rights.
Selectel
Selectel is responsible for the information security of the S3 service infrastructure and ensures:
- physical security and fault tolerance of equipment (hardware infrastructure);
- network security of service networks;
- security of the virtualization platform and service servers.
Cost
Compliance with 152-FZ is included in the cost of S3.
Issue an order for processing personal data
To conclude a personal data processing order , create a ticket.
We will prepare the order and send it to you for signature: in paper form or via electronic document management.