Features of the legal regulation of personal data protection under the legislation of the Republic of Kazakhstan, AIFC law and GDPR

Day 1 

1. Legal regulation of personal data protection in the Republic of Kazakhstan, the AIFC and the EU. Regulatory and legal framework.
2. The basic concepts of the AIFC Regulations on Data Protection, the Law of the Republic of Kazakhstan “On Personal Data and their Protection” and GDPR.
3. Key principles of personal data collection, processing and protection.
4. The similarity of the provisions of the AIFC acts on the protection of personal data with the GDPR.
5. Differences in the regulation of personal data protection provided for by the AIFC and GDPR acts.
6. The requirement for localization of personal data in Kazakhstan.
7. The rights and obligations of persons involved in the collection and processing of personal data, as well as the person responsible for organizing the processing of personal data.

Day 2 

1. The rights of personal data subjects and their practical application.
2. Requirements for the consent form for the collection and processing of personal data.
3. Violation of personal data security. Effective management and response to data leaks and other incidents related to personal data security breaches.
4. Cross-border transfer of personal data.
5. Liability for violation of the requirements of the law of the AIFC, RK, GDPR.
6. The competence of authorized bodies in the field of personal data protection.
7. Features of judicial practice in cases related to the protection of personal data.

• Online training sessions
• Questions and answers​
• Presentations and recommendations from the trainer​
• Electronic training certificate

Yekaterina Khamidullina

Yekaterina Khamidullina is a Partner at AEQUITAS Law Firm, head of the firm’s branch in the AIFC. He has been advising on complex corporate, financial, labor and contract law issues for over 13 years. Yekaterina also has extensive experience in advising on personal data protection, dispute resolution, compliance, project finance, real estate, healthcare, technology, media and telecommunications, and AIFC law. According to the AsiaLaw Profiles rating agency, Yekaterina was recognized as the “highest rated lawyer to work for” in Kazakhstan in 2021. The Legal 500 noted Yekaterina as a recommended lawyer in the field of financial law, capital markets, commercial, corporate law and M&A. She is a member of the Kazakhstan Bar Association, IUS Laboris and SIPAC, and has published in his fields of expertise.
Yekaterina participated in consulting and working groups on the preparation of draft amendments to various legislative acts of the Republic of Kazakhstan on remote work and anti-corruption. She acted as a respondent to the World Bank’s monitoring of legislation in the Doing Business rating. She received a Master’s degree in International Business Law from the Central European University, as well as a Master’s degree in Law and Technology from King’s College London under a Chevening scholarship. During her studies, she studied in-depth issues related to the protection of personal data in different countries, GDPR, and also prepared a dissertation on the relevant topic. She has advised foreign and Kazakhstani companies on the collection, processing, protection, cross-border transfer of personal data, database localization, and liability for violations of the law. She developed packages of necessary documents in the field of personal data protection.