Legal Liability for Personal Data Processing Violations in Russia

June 13, 2023

BRACE Law Firm ©

Federal Law No. 152-FZ dated July 27, 2006, On Personal Data (the "Personal Data Law" or "Federal Law No. 152-FZ") strictly regulates the processing of personal data of individuals. Under Article 24 of this Law, persons found guilty of violating personal data processing rules shall bear the liability provided for by Russian legislation.

In this article, we examine who bears liability and what types of liability apply for violating the rules for processing personal data (the "PD"), and we consider specific cases where liability was imposed.

Types of Liability for Violation of Personal Data Processing Rules

Depending on the type of offense, liability for violating personal data processing rules may be:

  • administrative;
  • criminal;
  • civil;
  • material.

We note that in certain cases, individuals, including officials, as well as legal entities, may be subjects of liability. Below, we consider the cases for imposing each of these types of liability in more detail.

Administrative Liability for Violation of Personal Data Processing Rules

Administrative liability is the most common type of liability for violating personal data processing rules. To briefly recap, administrative liability is a type of legal liability for committing a wrongful and culpable act (action or omission), whereby the guilty party undergoes state coercive measures. The Code of Administrative Offenses of the Russian Federation (the "CAO RF") provides for liability for such acts. Both a legal entity and its officials, as well as individual entrepreneurs, may be held administratively liable.

Article 13.11 of the CAO RF, Violation of the Legislation of the Russian Federation in the Field of Personal Data, establishes liability for violating personal data processing rules. We note that administrative liability is constantly becoming more stringent. For instance, in 2017, seven separate elements of offenses were introduced into Article 13.11 instead of a single one, and fine amounts were significantly increased. In 2021, repeated offenses were isolated into independent categories with increased liability. Currently, the State Duma is considering a draft law that would once again increase fine amounts for personal data processing violations. [1]

Officials of the Federal Service for Surveillance in Communications, Information Technology, and Mass Media and its territorial bodies (the "Roskomnadzor") are authorized to draft protocols on administrative offenses under Article 13.11 of the CAO RF, while judicial authorities hear the administrative offense cases.

Let us examine the elements of offenses provided for by this article in more detail:

1. Personal data processing in cases not provided for by law, or incompatible with the purposes of personal data collection (Part 1 of Article 13.11 of the CAO RF).

The Personal Data Law defines the principles and conditions for personal data processing, including:

  • personal data processing must be carried out on a legal and fair basis;
  • the content and volume of the processed personal data must correspond to the stated purposes of processing and must not be excessive in relation to those purposes.

Violation of these principles and conditions entails the risk of administrative liability under Part 1 of Article 13.11 of the CAO RF. We can illustrate the application of this provision with an example from judicial practice. In one case, the prosecutor's office conducted an audit of a microfinance organization's activities regarding personal data processing. The audit revealed that borrower applications contained personal data of the borrowers' managers at their place of employment and their mobile numbers. The organization did not obtain the consent of these individuals to process their personal data. Consequently, the court concluded that the microfinance organization lacked legal grounds to process such personal data and imposed administrative liability under Part 1 of Article 13.11 of the CAO RF with a fine of 30,000 rubles. [2]

Processing excessive data or data for purposes inconsistent with the purposes of collection may also lead to administrative liability. According to Article 86 of the Labor Code of the Russian Federation, permissible processing purposes in labor relations include:

  • ensuring compliance with laws and other regulatory legal acts;
  • assisting employees in employment, obtaining education, and career advancement;
  • ensuring the personal safety of employees;
  • monitoring the quantity and quality of work performed and ensuring the safety of property.

Processing employees' personal data for any other purposes is prohibited. If the supervisory authority identifies facts of collection and subsequent processing of an employee's personal data for other purposes, it will impose liability under this provision.

The maximum penalty in such cases for officials is a fine of up to 20,000 rubles, and for legal entities, up to 100,000 rubles. [3]

2. Personal data processing without the written consent of the personal data subject, or in violation of the requirements for consent (Part 2 of Article 13.11 of the CAO RF).

As a general rule, personal data processing is carried out only with the consent of the personal data subject, except for cases provided for by Articles 6 and 10 of the Personal Data Law. Article 9 of Federal Law No. 152-FZ establishes the requirements for the content of consent for PD processing.

For example, under this provision, courts impose liability for the distribution, storage, or other actions involving personal data in the absence of the personal data subject's consent, [4] or if the consent does not specify all the information required by Article 9 of the Personal Data Law. [5]

The maximum penalty for officials is a fine of up to 40,000 rubles, and for legal entities, up to 150,000 rubles.

3. Failure to perform the duty to publish the Personal Data Processing Policy (Part 3 of Article 13.11 of the CAO RF).

Part 2 of Article 18.1 of the Personal Data Law establishes the duty to publish this document. Such violations are typically identified during prosecutorial audits or as a result of complaints from individuals. Failure to comply with such a largely formal requirement entails a fairly severe penalty.

The maximum penalty for officials is a fine of up to 12,000 rubles, for individual entrepreneurs, up to 20,000 rubles, and for legal entities, up to 60,000 rubles.

4. Failure to perform the duty to provide the personal data subject with information concerning the processing of their personal data (Part 4 of Article 13.11 of the CAO RF).

Under Part 7 of Article 14 of Federal Law No. 152-FZ, a personal data subject has the right to receive information concerning the processing of their personal data, such as: the fact of processing, grounds, purposes, and methods of processing, sources of data, information on persons entrusted with processing, etc. As a general rule, the requested information must be provided within 10 business days from the receipt of the request.

Roskomnadzor receives a large number of citizen appeals regarding the refusal of officials to provide requested information. Although practice shows that the supervisory authority in most cases does not find signs of an offense in the actions of these persons, the risk of liability for an unlawful refusal remains.

The maximum penalty for officials is a fine of up to 12,000 rubles, for individual entrepreneurs, up to 30,000 rubles, and for legal entities, up to 80,000 rubles.

5. Failure to comply with a lawful request of a personal data subject for the clarification, blocking, or destruction of personal data (Part 5 of Article 13.11 of the CAO RF).

Article 21 of the Personal Data Law imposes the following duties on a PD operator:

  • clarify personal data if inaccuracies are identified;
  • block personal data if unlawful processing is identified;
  • stop unlawful processing upon confirmation of its unlawfulness, and if it is impossible to ensure lawfulness, destroy the data.

Furthermore, Federal Law No. 152-FZ provides for cases where personal data processing must cease upon the withdrawal of consent for its processing.

For instance, in one case, a business entity acting as a personal data operator failed to comply with Roskomnadzor's request to delete the personal data of employees from specified internet pages. The court found the entity guilty of an administrative offense under Part 5 of Article 13.11 of the CAO RF and imposed an administrative penalty in the form of a fine of 25,000 rubles. [6]

The maximum penalty for officials is a fine of up to 20,000 rubles, for individual entrepreneurs, up to 40,000 rubles, and for legal entities, up to 90,000 rubles.

6. Failure to perform the duty to ensure the safety of personal data during non-automated processing, if this resulted in unlawful actions toward the personal data (access, destruction, copying, modification, or others) (Part 6 of Article 13.11 of the CAO RF).

The prosecutor's office conducted an audit of a business entity providing utility services to citizens. During the audit, it was established that the business entity had entered into an agency agreement with a management company to generate utility bills and deliver them to the addressees. However, the bills were delivered in a non-enveloped format, making the personal data of the addressees available for viewing by an unlimited number of people. The court found the entity guilty of an administrative offense under Part 6 of Article 13.11 of the CAO RF and imposed a fine of 25,000 rubles. [7]

The maximum penalty for officials is a fine of up to 20,000 rubles, for individual entrepreneurs, up to 40,000 rubles, and for legal entities, up to 100,000 rubles.

7. Failure by a PD operator that is a state or municipal body to perform the duty to de-identify personal data, or failure to comply with established requirements or methods for de-identification (Part 7 of Article 13.11 of the CAO RF).

Roskomnadzor Order No. 996 dated September 05, 2013, establishes the requirements and methods for de-identifying personal data. The maximum penalty for officials is a fine of up to 12,000 rubles.

8. Failure to perform the duty to use databases located within the territory of the Russian Federation when collecting personal data.

In accordance with Part 5 of Article 18 of the Personal Data Law, when collecting PD, including via the Internet, an operator must ensure the recording, systematization, accumulation, storage, clarification (updating, modification), and extraction of personal data of citizens of the Russian Federation using databases located within the territory of the Russian Federation.

In one case, Roskomnadzor conducted an audit of a foreign organization to check compliance with personal data legislation. Based on an analysis of its activities, it was established that the foreign organization collected personal data of citizens of the Russian Federation (name, surname, phone number, and email address were provided during registration) using the foreign service "Speedtest". Consequently, the court found the foreign organization guilty of an administrative offense under Part 6 of Article 13.11 of the CAO RF and imposed a fine of 1,000,000 rubles. [8]

The maximum penalty for officials is a fine of up to 200,000 rubles, and for legal entities and individual entrepreneurs, up to 6,000,000 rubles.

Note that the CAO RF contains provisions establishing liability for violating personal data protection requirements and violating the procedure for interacting with citizens and supervisory authorities, such as:

  • Article 5.39 of the CAO RF, Refusal to Provide Information;
  • Article 13.12 of the CAO RF, Violation of Information Protection Rules;
  • Article 13.12.1 of the CAO RF, Violation of Requirements in the Field of Ensuring the Security of Critical Information Infrastructure of the Russian Federation;
  • Article 19.5 of the CAO RF, Failure to Execute a Lawful Prescription (Order, Representation, Decision) on Time;
  • Article 19.7 of the CAO RF, Failure to Provide Information (Data).

Is Criminal Liability Established for Violations of Personal Data Processing?

Criminal liability is a type of legal liability whose primary content consists of measures applied by the state to a person in connection with the commission of a crime. Only individuals are subject to criminal liability (Article 19 of the Criminal Code of the Russian Federation).

There are no specific provisions regarding liability for violating personal data processing rules in the Criminal Code of the Russian Federation. However, law enforcement agencies may identify the following elements of crimes provided for by the Criminal Code in the actions of a violator:

1. Unlawful collection or distribution of information about a person's private life, constituting their personal or family secret, without their consent (Article 137 of the Criminal Code of the Russian Federation).

Collection of information refers to intentional actions consisting of obtaining this information by any method, for example, through personal observation, eavesdropping, interviewing other persons, including recording information using audio, video, or photographic means, copying documented information, or by theft or other acquisition. Distribution of information consists of communicating (disclosing) it to one or several persons in oral, written, or any other form and by any method, particularly by transferring or posting information on the Internet. [9]

The subjective side implies direct intent to commit the crime.

The maximum penalty under Part 1 of Article 137 of the Criminal Code of the Russian Federation is imprisonment for a term of up to 2 years, with the deprivation of the right to hold certain positions or engage in certain activities for a term of up to 3 years. This article also contains several aggravating factors, such as the use of one's official position or actions committed against minors, which are punished more severely.

We note that cases of criminal liability under this provision are rare. Nevertheless, we have found instances of criminal prosecution. As established by the court, the defendant S.E., acting as the head of "Medical Diagnostic Center" LLC, instructed the defendant S.V.LA. to install video surveillance cameras in a gynecologist's office. The cameras were disguised in security sensor housings, and video recording of a patient's examination was conducted without her consent. Applications were installed on the defendants' phones allowing remote viewing and saving of video from the surveillance cameras, which evidenced the defendants' intent to commit the crime. The resulting recordings were distributed on the Internet.

By court judgment, S.E. was convicted under Part 2 of Article 137 of the Criminal Code of the Russian Federation to 2 years and 6 months of imprisonment and deprivation of the right to engage in activities related to the collection and processing of citizens' personal data for 2 years. S.V.LA. was sentenced to 2 years and 3 months of imprisonment and deprivation of the right to engage in activities related to the installation and use of technical equipment systems for 2 years. Under the victim's civil claim, moral harm compensation in the amount of 200,000 rubles was recovered from the defendants jointly and severally. The defendants failed to overturn the judgment in the appellate and cassation instances. [10]

Often, persons who have been subject to operational-search activities or criminal prosecution raise the issue of the illegality of these actions, including the unlawful collection of their personal data and other information about their private lives. For example, in one case challenging a sentence, the defense pointed out that during the operational-search activity "Examination of Items and Documents", no consent was obtained to inspect correspondence and other information contained in a telephone. The phone contained information constituting private life, correspondence, and telephone conversation secrets, as well as personal data, and the restriction of this right is permitted only on the basis of a court decision, which was also not obtained. The court decided that conducting an inspection of a phone's electronic memory to obtain information relevant to a criminal case does not require a special court decision. It refused to review the sentence. [11]

The Constitutional Court of the Russian Federation, in a case with similar circumstances, also expressed the opinion that the Federal Law On Operational-Search Activity establishes the possibility of conducting operational-search activities, including those using information systems, video and audio recording, film and photography, as well as other technical and other means that do not harm human life and health. Their results are not evidence but merely information about the sources of facts, and they can become evidence only after being formalized in accordance with the provisions of the Criminal Procedure Code of the Russian Federation. Accordingly, the provisions of the law cannot be regarded as violating the rights of the person against whom operational-search activities are being conducted. [12]

At the same time, in our view, claims for moral harm compensation caused by unlawful prosecution may have prospects if the citizen's right to rehabilitation is recognized. [13]

2. Unlawful refusal by an official to provide a citizen with documents and materials collected in the established procedure and directly affecting the rights and freedoms of the citizen (Article 140 of the Criminal Code of the Russian Federation).

The objective side of the crime consists of an unlawful refusal to provide the relevant information or in providing incomplete or deliberately false information. Only an official is the subject of the crime. The maximum penalty is deprivation of the right to hold certain positions or engage in certain activities for a term of up to 5 years.

We note that we have not found cases of liability under Article 140 of the Criminal Code of the Russian Federation for personal data processing violations; however, attempts to initiate cases under this provision are made by personal data subjects. [14]

3. Unlawful access to computer information that resulted in the destruction, blocking, modification, or copying of information (Article 272 of the Criminal Code of the Russian Federation).

If the unlawful processing of personal data involved unlawful access to computer information protected by law and resulted in the destruction, blocking, modification, or copying of computer information, the violator's actions may be qualified under Article 272 of the Criminal Code of the Russian Federation. The penalty under this article may reach 7 years of imprisonment.

For example, in one case, M., during her employment as the chief accountant of an orphanage, had remote personal access to the "1C:Enterprise" database of the institution. M. was dismissed for poor performance, after which she deleted the database containing the employees' personal data via a remote network connection. The court found M. guilty of a crime under Part 1 of Article 272 of the Criminal Code of the Russian Federation and sentenced her to 6 months of corrective labor with a 10% deduction from her earnings to the state treasury. [15]

Civil Liability for Violations of Personal Data Processing

Civil liability is liability that arises in the event of non-performance or improper performance by a person of duties provided for by civil law.

It may take the form of compensating the victim for losses (actual damage and lost profits) or compensation for moral harm. When personal data processing rules are violated, claims for moral harm compensation are typically filed. However, lawsuits seeking both moral harm compensation and damages also occur. For example, a citizen filed a claim against the Federal Bailiff Service for the recovery of 50,000 rubles in damages and 50,000 rubles in moral harm. The lawsuit was prompted by a technical error made by a bailiff when filling in the line for the debtor's full name, as a result of which the plaintiff was listed as the debtor under an enforcement document instead of another person. Due to the error, 5,932.08 rubles were debited from the plaintiff's accounts. Following the plaintiff's verbal request, the debited funds were returned. The court's decision awarded the plaintiff lost profits in the form of unearned interest on the debited funds in the amount of 237.25 rubles, as well as moral harm compensation of 500 rubles; the remainder of the claim was denied. [16]

Both individuals and legal entities may be held civilly liable. However, it should be kept in mind that under Article 1068 of the Civil Code of the Russian Federation, moral harm caused by an employee in the performance of labor duties is subject to compensation by the employer. The duty to compensate for moral harm caused by a citizen performing work on the basis of a civil law contract may be imposed on the person who entered into the contract with the citizen if the latter acted on the instructions of that legal entity.

Articles 150, 151, and 1099–1101 of the Civil Code of the Russian Federation regulate the procedure for moral harm compensation. The court determines the amount of moral harm compensation, taking into account the degree of the violator's guilt and the extent of the suffering associated with the moral harm.

Claims for moral harm compensation for personal data processing violations are common, but the compensation amounts awarded by courts are generally small.

In one case, a plaintiff entered into a contract with an organization for security services, under which the plaintiff's personal data were provided. Due to the termination of the license for security services, the plaintiff terminated the contract and stopped paying for services. This circumstance served as the basis for another security organization's refusal to allow the plaintiff's car onto his own land plot. The plaintiff filed a lawsuit to have the actions of transferring his personal data declared unlawful and to recover moral harm compensation of 150,000 rubles from each defendant. The court partially satisfied the claim, declared the personal data processing actions unlawful, and recovered moral harm compensation of 25,000 rubles from each security organization. [17]

We note that claims for joint and several recovery occur in judicial practice. However, when filing such claims, it must be understood that the harm must have been caused as a result of the defendants' joint actions. For example, in one case, a plaintiff sued to have personal data processing and disclosure actions declared unlawful, to compel the cessation of personal data processing, and to recover moral harm compensation of 30,000 rubles from each defendant. The reason was that one of the defendants, processing the plaintiff's personal data as his employer, transferred them without the plaintiff's written consent to the second defendant, who in turn provided them to third parties. The court partially satisfied the claim. The defendants were ordered to cease the unlawful personal data processing, and 10,000 rubles were recovered from one defendant and 5,000 rubles from the other. Joint and several satisfaction of the claim was denied because each defendant committed their own violations of personal data processing rules while acting independently. [18]

Material and Disciplinary Liability for Violations of Personal Data Processing

The Labor Code of the Russian Federation determines the procedure for material and disciplinary liability.

For violating personal data processing rules, an employer may bear material liability toward its employees in the form of full compensation for the harm caused (Part 1 of Article 235 of the Labor Code of the Russian Federation).

An employee responsible for personal data processing may also be held materially liable if they violated their duties and caused damage to the employer through their actions. However, only direct actual damage can be recovered, which refers to a real reduction in the employer's existing property or a deterioration in the condition of said property, or the need for the employer to incur costs or excess payments to acquire or restore property or to compensate for damage caused by the employee to third parties (Part 1 of Article 238 of the Labor Code of the Russian Federation).

In accordance with Article 192 of the Labor Code of the Russian Federation, an employer has the right to apply disciplinary sanctions for a disciplinary offense, i.e., the non-performance or improper performance by an employee, through their fault, of the labor duties assigned to them.

Recall that the types of disciplinary sanctions are a remark, a reprimand, and dismissal. In particular, dismissal is possible for personal data disclosure under sub-paragraph "c" of paragraph 6 of Part 1 of Article 81 of the Labor Code of the Russian Federation. Furthermore, according to explanations from the Supreme Court of the Russian Federation, employees who disclosed such information can be held liable only if it became known to them in connection with the performance of their labor duties and they undertook not to disclose such information. [19]

In one case heard by a court, it was established that an employee acting as a technical support specialist used his login and password to download data on the employer's clients, including full names, passport data, and phone numbers, and transferred them to unidentified persons. Following an investigation that confirmed these facts, the employee was dismissed under sub-paragraph "c" of paragraph 6 of Part 1 of Article 81 of the Labor Code of the Russian Federation. An attempt to challenge the dismissal was unsuccessful. The court pointed out that when entering into the labor contract, the plaintiff was familiarized with the personal data protection policy and signed a non-disclosure agreement for confidential information. The fact of disclosing the company's clients' personal data was confirmed. [20]

In another case, the University's security service identified the fact of correspondence between members of the teaching staff in the "WhatsApp" messenger, in which personal data of foreign students were transferred. According to the written explanation of the department head, she requested information on students wishing to leave Russia due to the COVID-19 epidemiological situation. In her view, this measure was necessary for the timely organization of departure and to prevent fines for late notification of the migration service. A disciplinary sanction in the form of a reprimand was imposed on the guilty person. It could not be challenged in court. [21]

When imposing a disciplinary sanction, the severity of the offense and the circumstances under which it was committed must be considered. To this end, before applying a disciplinary sanction, the employer must request a written explanation from the employee. Additionally, the deadlines and procedure for imposing the sanction must be observed.

In another case, an employee successfully challenged a dismissal under the following circumstances. An employer established that the head of the planning and economics department had sent emails from a corporate email address to a personal one containing the personal data of other employees, including full names and salary data. As the employee explained, this was done for the purpose of properly performing his official duties, specifically, preparing an order for personal allowances for employees. The court agreed with the employer's conclusion that the employee's actions in unlawfully transferring personal data could serve as grounds for disciplinary liability, but not in the form of dismissal. The employer did not take into account the employee's prior behavior, his attitude toward work, or whether the act had any negative consequences. [22]

In conclusion, we note that liability for violating personal data processing rules is constantly becoming more stringent, and the scope of control is expanding. Personal data processing has already moved beyond merely documenting consents for processing. To minimize the risks of liability, it is necessary to organize personal data protection efforts, develop and regularly update documents describing the procedure for personal data processing, and implement organizational and technical measures to protect the information being processed.

_____________________

References

  1. Draft Federal Law No. 353266-8.
  2. Ruling of the Seventh Cassation Court of General Jurisdiction dated December 2, 2020, Case No. 16-4079/2020.
  3. Here and below, liability for repeated violations is provided for by other clauses of Article 13.11 of the CAO RF and exceeds the indicated amounts.
  4. Ruling of the Fourth Cassation Court of General Jurisdiction dated February 16, 2023, Case No. P16-280/2023.
  5. Ruling of the Sixth Cassation Court of General Jurisdiction dated August 1, 2022, Case No. 16-4776/2022.
  6. Ruling of the Second Cassation Court of General Jurisdiction dated November 30, 2021, Case No. 16-9529/2021.
  7. Ruling of the Second Cassation Court of General Jurisdiction dated June 2, 2020, Case No. 16-3231/2020.
  8. Ruling of the Second Cassation Court of General Jurisdiction dated December 26, 2022, Case No. 16-9987/2022.
  9. Resolution of the Plenum of the Supreme Court of the Russian Federation No. 46 dated December 25, 2018, On Certain Issues of Judicial Practice in Cases of Crimes Against Constitutional Human and Civil Rights and Freedoms (Articles 137, 138, 138.1, 139, 144.1, 145, 145.1 of the Criminal Code of the Russian Federation).
  10. Ruling of the Fifth Cassation Court of General Jurisdiction dated May 4, 2023, Case No. 77-496/2023.
  11. Cassation Ruling of the Judicial Chamber for Criminal Cases of the Supreme Court of the Russian Federation dated February 10, 2022, Case No. 45-UD22-3-A2.
  12. Ruling of the Constitutional Court of the Russian Federation No. 2061-O dated July 21, 2022, On Refusal to Accept for Consideration the Complaint of Citizen Dmitry Viktorovich Kostygov Regarding the Violation of His Constitutional Rights by Articles 6, 7, and Part One of Article 15 of the Federal Law "On Operational-Search Activity".
  13. Ruling of the Judicial Chamber for Civil Cases of the Supreme Court of the Russian Federation dated March 5, 2019, Case No. 78-KG18-82.
  14. Ruling of the First Cassation Court of General Jurisdiction dated June 11, 2020, Case No. 88-16721/2020.
  15. Ruling of the Second Cassation Court of General Jurisdiction dated May 18, 2022, Case No. 77-1553/2022; Ruling of the First Cassation Court of General Jurisdiction dated June 11, 2020, Case No. 88-16721/2020.
  16. Ruling of the Second Cassation Court of General Jurisdiction dated December 22, 2020, Case No. 88-27270/2020.
  17. Ruling of the Third Cassation Court of General Jurisdiction dated February 26, 2020, Case No. 88-2978/2020.
  18. Decision of the Zvenigorod City Court of the Moscow Region dated November 15, 2021, Case No. 2-663/2021.
  19. Clause 43 of the Resolution of the Plenum of the Supreme Court of the Russian Federation No. 2 dated March 17, 2004, On the Application by the Courts of the Russian Federation of the Labor Code of the Russian Federation.
  20. Appellate Ruling of the Moscow City Court dated October 2, 2019, Case No. 33-43038/2019.
  21. Ruling of the Fourth Cassation Court of General Jurisdiction dated February 25, 2021, Case No. 88-4366/2021.
  22. Ruling of the Third Cassation Court of General Jurisdiction dated April 20, 2022, Case No. 88-6000/2022.