Support Centre

Bulgaria

Summary

Law: The Protection of Personal Data Act 2002 (last amended in 2023) ('the Act') and the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR')

Regulator: Commission for Personal Data Protection ('CPDP')

Summary: The Act is the main source of local data protection law, having been adopted in 2002. Since then, it has undergone several amendments and was extensively modified, on 26 February 2019, to harmonise with the provisions of GDPR and to implement the GDPR into national legislation. The Act, together with the Rules on the Activity of the Commission for Personal Data Protection and its Administration set forth the legal framework for supervisory and regulatory functions of the CDPD. Since the entry into force of the GDPR, the CPDP has been very active both in terms of issuing regulatory guidance and in terms of enforcemen.

News

Insights

January 2023

Bulgaria: Health and Pharma Overview

May 2022

Bulgaria: Personal data protection risks of employee diversity and inclusion programs

In recent years, the issue of creating a working environment complete with diversity and inclusion has been increasingly raised. Nikolay Zisov and Deyan Terziev, from BOYANOV & Co., provide an overview of how the implementation of a diversity and inclusion program relates to provisions within data protection law, such as the data minimisation principles and purpose limitation.

March 2022

Bulgaria: Overview of Vendor Privacy Contracts

March 2022

Bulgaria: Data Protection in the Financial Sector

November 2021

Bulgaria: Cybersecurity

Company

Our Policies

Your Rights

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
© OneTrust, LLC. All Rights Reserved.
The materials herein are for informational purposes only and do not constitute legal advice.
Feedback