Page 1:

RA MINISTRY OF JUSTICE
PERSONAL DATA PROTECTION AGENCY

GUIDE:

Personal data processing memory devices
containing equipment
maintenance and repair services
by providers

Page 2:

The Personal Data Protection Agency of the RA Ministry of Justice referred to
memory devices (hard disk, portable memory device, etc.)
type of memory device) containing their equipment (computer,
telephone, camera, USB flash drive, etc.) equipment equipment
service:

and

renovation

to implement:

in cases:

the security of personal data contained in the equipment.
The agency took into account that in case of failure of such equipment
Sometimes people do not worry about repairing them
about the security of their personal data or, which also
It often happens that equipment failure deprives people of themselves
access to data. On the other hand, such equipment
Maintenance and repair providers (hereinafter referred to as:
service provider) almost never have recorded rules or
policy the data on their trusted devices
on the provision of protection.
Taking into account the above, in 2018 the Agency applied
service and repair of household appliances
large

organizations:

Memory:

devices

containing:

in case of equipment maintenance
to exclude the memory devices of the service equipment
processing of personal data (personal information) contained in that
including transfer and access to third parties (see:
https://www.facebook.com/PersonalDataArmenia/posts/1002805619888191):
As a result, the companies informed the customers
There will be a provision in the issued guarantee coupon or receipt,
according to which the employees of the companies are obliged
Maintenance of equipment containing memory devices
and keep personal on the device when making repairs
data privacy, do not process that data and do not pass it on to third parties
persons: However, organizations providing such services and
There are many individuals (individual entrepreneurs) and everyone
It is not possible to inform the address. Taking into account the above, the RA Ministry of Justice
The Personal Data Protection Agency presents one
a few tips to help customers and the like

Page 3:

make companies more secure
processing of personal data of the client.
✓ If you are preparing your own personal information
hand over the equipment for repair or maintenance and in it
You have access to the available data and then to the service provider
Transfer your personal data on the device before handing over
(pictures, videos, documents, personal
other information) on another drive, remove them from the device and only new
Replace or service the empty device

✓ If the nature of the equipment failure is such that you do not have the device
the data available to other carrier 's ability to copy on the device
Require that before repairs or service
Exclude service provider from device memory devices
processing of contained personal data (personal information),
including transfer and access to third parties.

: The service provider, in turn, must perform the task entrusted to him
protection of personal data in the equipment
technical and organizational measures, for example, ensure that:
the equipment entrusted to him and the information stored in it
not be accessible to third parties, have access to them only
Limited number of service providers.
The service provider is obliged not to get acquainted with the trustee
the data in the equipment, do not view, do not duplicate and any other
do not interfere with that data. In cases where the device:
data in the device in case of failure
get acquainted is inevitable (for example, when the purpose of the renovation
is the restoration and failure of a specific data or image
The service provider has to recover by force
get acquainted with the data), then the service provider is obliged
ensure the confidentiality of this information, do not disclose it to third parties,
Interfere with customer personal data only for repairs
the required minimum quantity.

Page 4:

Ողը The service provider must also take action
Personal containing the trusted device memory device
to protect data from accidental loss or destruction.

Ելու Notifying customers is also an important precondition
duty: Accordingly, the service provider is needed
to customers

provided:

service:

(receipt, notification, contract, guarantee coupon, etc.)
provide a relevant provision by which the customer will be notified
maintenance and repair by the implementer
not to use his personal data contained in the device, them
obligation to ensure immunity and confidentiality
About:

✓ If repairs or maintenance are not possible without
to get acquainted with the data contained in the equipment entrusted to him or
To view them, the service provider needs to know about it
Inform the customer in advance and in that case the equipment
Repair or maintenance will be performed only by the customer
after receiving the consent.

in the documents

that

