Frequently asked questions (FAQ)
1. What is the essence of your "Federal law 152 cloud" service?
We have built a secure circuit in our Data Center, which has passed the certification on security requirements in accordance with Russian Federal Law 152 and received a certificate of compliance for the protection of personal data up to the 1st level of security inclusive. And we help our clients to close the issue of compliance from the technical point of view.
State institutions may also be interested in the Certificate of Conformity 1st class for state information systems (according to the FSTEC Order 17) and the Certificate of Confidential Information Protection class 1G (according to STR-K).
2. To whom does the Federal Law 152 apply?
The law applies to all data operators (state bodies, companies or physical person) that organize or carry out the processing of personal data of Russian citizens.
3. Where is the personal data of Russian citizens must be stored?
All personal data of Russian citizens must be localized in Russia according to The Federal Law-242. Cloud4Y has two data centers that are located in Russia, Moscow.
4. Why do we have to do this?
Since you are a personal data processor, the Russian Federal Law 152 automatically applies to you. And the state institutions owning the state information systems are also subject to the FSTEC Order 17.
5. How much does it cost?
The cost is calculated individually for the customer, taking into account the volume, level of security, and duration of allocation.
4. Can you help with the documentation?
Yes, we can (we provide ready-made templates or take over the whole process of preparation on a turnkey basis).
5. How is the data transmission channel organized?
The channel encrypted in accordance with Russian GOST is used via VipNet-coordinator.
6. What Cloud4Y is responsible for?
Cloud4Y assume a part of responsibilities related to storing and protecting personal data of Russian citizens in according to the Federal data protection law FZ 152. All of the organizational and technical information protection measures are accredited with the Russian government and other regulatory bodies (FSTEK, FSB).
7. What happened if I do not inform Russian regulatory bodies that I collect personal bodies?
The Russian Code of Administrative Offences (‘CAO’) includes various provisions on liability for non-compliance with the Personal Data Law. Individuals who violate the requirements of Personal Data Law may face not only administrative and criminal liability, but also civil and disciplinary liability.
8. How much is the fine if my company do not comply with the Law?
Fines imposed on personal data operators for failure to fulfill obligations (changes introduced on December 02, 2019):
- Individuals – RUB 30,000 – 50,000
- Officials (company's General Director, or CEO) - RUB 100,000 - 200,000 (USD 1600 – 3 200)
- Legal entities – RUB 1,000,000–RUB 6,000,000 (USD 16 000 – 94 000
In case of repeated offense:
- Individuals – RUB 50,000–RUB 100,000 (USD 800 – 1600)
- Legal entities – RUB 6,000,000–RUB 18,000,000 (USD 94 000 – 282 000)
9. Do you offer Data Backup?
Yes, we offer data backup (14 recovery points).
10. How is migration carried out?
The process of moving data, applications and other business elements from on-premises computers to the cloud involves several steps. Each cloud migration activity does not cause interruption in business performance.
11.How can I be sure the personal data of my clients is safe?
We ensure data protection and safety on several levels.Our data centers are all Tier III certified by the Uptime Institute that guarantees restricted access inside the data centers, enhanced surveillance, etc.
Securing Data: VGate Hypervisor Protection, Anti-virus protection, Security analysis to identify vulnerabilities in IT infrastructure, Anti-DDoS, Web application firewall (WAF)
12. How is technical support provided?
We guarantee 24/7 technical support. You will be able to contact us through a ticket system, emails or calls. Response time is no more than 10 minutes.
13. What types of issues are supported by our technical support team?
If you have any technical or billing-related issues, you can contact us at email@example.com
or send us feedback from your Cloud4y account. Additional support will depend on the service level you choose.
14. How am I billed for services?
We offer a Pay-As-You-Go Hourly pricing model, that means you pay only for resources used.
15. In what currency are the payments made?
We accept any currency.
16. Do you offer managed services?
Yes. If your business requires additional technical support that goes beyond our responsibilities e.g. support with administrating your OS or applications, you can get it for an additional fee.
17. What type of Virtualization do you use in the FZ-152 compliant cloud?
We use VMWare vCloud Director 9.5
18.Is there a trial period for the services?
We offer free demo of 2 weeks with the possibility of extension for a longer period.
19. Does your infrastructure support API?
Yes, our vCloud Director supports API. Cloud4Y API makes it easy to integrate the cloud system with your own systems for management, monitoring, scaling, billing, CRM and other systems.
CLoud4Y API works with Terraform, Command Line, SDK, which allows you to create and manage infrastructure through the Infrastructure-as-Code (IaC) methodology.
20. Can you provide storage compliant with the EU's General Data Protection Regulation (GDPR)?
We have a Data Center in the Netherlands and we can provide storage in accordance with GDPR.
More answers to your questions can be found in the knowledge base
. If you do not find an answer to your question - post it to our consultant online using online-chat or send an inquiry using the support ticket system