The Law of Ukraine On Information provides general comments on privacy and information:

Article 23. Personal Information

Personal information shall be understood as documented or publicly announced information about the person. Basic information about the person (personal data) shall include: nationality; education; marital status; religion; state of health; address; date and place of birth. The sources of documented information about the person shall be documents issued in his/her name, signed by that person documents, and personal data collected by bodies of state power and bodies of local and regional self-government, acting within their respective competence. Collection of personal data without a given person’s prior consent shall be prohibited, except in cases envisaged by the law (crime investigation by Ministry of Internal Affairs, National Security Bureau etc.). Every person shall have the right to be informed about the collected information about himself/herself. Information about the person shall be protected by the Law.

Article 29. Access to Open Information

*Access to open information shall be secured by way of:

• systematic publication of such information in official printed periodicals (bulletins, collections);
• distribution of such information by the media;
• providing such information directly to the concerned citizens, state bodies , and legal entities. The procedures and conditions of providing information as requested by citizens, state bodies legal entities, and public representatives shall be governed by this Law or by agreements (contracts) provided such information is subject to contractual terms. Imposing restrictions on the right to receive open information shall be prohibited by law. The right of priority in receiving information shall be vested in citizens requiring such information in the line of professional duty.*

The Ukrainian Law No. 2297-VI on Personal Data Protection (‘the Law’) - which was adopted by the Ukrainian Parliament on 1 June 2010 and became effective on 1 January 2011, regulates, inter alia, personal data processing.

In addition to enacting this Law, the Ukrainian Parliament also ratified the Convention for the Protection of Individuals with regard to the Automatic Processing of Personal Data, on 6 July 2010 which governs the legal relations connected with protection and personal data processing.

Following the adoption of the Law, other legislative acts providing clarification and support for the Law were approved by different governmental bodies of Ukraine:

• The Law of Ukraine No. 80/94 VR “On Protection of Information in the Information and Telecommunication Systems”, 5 July 1994
• The Law of Ukraine No 675-VIII “On Electronic Commerce”, 3 September 2015

These provide more detailed information on data privacy and security, establishes legal requirements and mechanisms for remote conclusion and execution of transactions with the use of electronic information and communication tools and technologies that will make it possible to guarantee the legitimacy, transparency and reliability of such transactions and, in turn accelerate the integration process into the global information space.

In particular, the Law of Ukraine “On Electronic Commerce” introduces a number of definitions that will be applied in legal relationship with electronic transactions; it defines the legal status of buyer and seller of goods and services in e-commerce; establishes the obligation for a seller who distributed information about the product, work or service to disclose and provide direct, simple and stable access to full information on its name and location, information about the license in case it is compulsory, information on the inclusion of taxes and cost of delivery in the price of goods, work or services. In addition, the law obliges all participants of relations in the sphere of e-commerce to protect personal data received from e-documents during the implementation of electronic transactions in the manner prescribed by Law of Ukraine “On Personal Data Protection”.

Sources:

• The Law of Ukraine No. 652 – VIII, article no. 133.4 “On Information”
• The Law of Ukraine No. 2297-VI “On Personal Data Protection” (“the Law”)

• The Law of Ukraine No. 80/94 VR “On Protection of Information in the Information and Telecommunication Systems”, 5 July 1994

• The Convention for the Protection of Individuals with regard to the Automatic Processing of Personal Data, 6 July 2010.
• The Law of Ukraine No 675-VIII “On Electronic Commerce”, 3 September 2015
• President’s website announcement