Bulgaria

Summary

Law: The Protection of Personal Data Act 2002 (last amended in 2023) ('the Act') and the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR')

Regulator: Commission for Personal Data Protection ('CPDP')

Summary: The Act is the main source of local data protection law, having been adopted in 2002. Since then, it has undergone several amendments and was extensively modified, on 26 February 2019, to harmonise with the provisions of GDPR and to implement the GDPR into national legislation. The Act, together with the Rules on the Activity of the Commission for Personal Data Protection and its Administration set forth the legal framework for supervisory and regulatory functions of the CDPD. Since the entry into force of the GDPR, the CPDP has been very active both in terms of issuing regulatory guidance and in terms of enforcemen.

Browse more content in Bulgaria

All Guidance Notes

All News

All Insights

News

11 August 2023

Bulgaria: CPDP releases guidelines as ordinance on whistleblowing reports register is published in State Gazette

23 May 2023

Bulgaria: CPDP internal regulations amended in light of Whistleblower Protection and Public Disclosure Act

10 May 2023

Bulgaria: CPDP publishes 2022 activity report

10 May 2023

Bulgaria: CPDP releases model documents under Whistleblower Protection and Public Disclosure Act

05 May 2023

Bulgaria: Whistleblower Protection and Public Disclosure Act enters into force

16 March 2023

Bulgaria: CPDP outlines stages of implementation of whistleblowing reporting system

16 March 2023

Bulgaria: Law to transpose EU Whistleblowing Directive adopted by National Assembly

23 November 2022

Bulgaria: New whistleblowing draft law submitted to Parliament

02 November 2022

Bulgaria: CPDP issues statement on use of digital doorbells and peepholes

04 October 2022

Bulgaria: Council of Ministers approves whistleblowing draft law

01 September 2022

Bulgaria: CPDP investigates political entities in relation to deceased persons data processing

18 August 2022

Bulgaria: CPDP publishes list of personal data processing requiring prior consultation

Insights

August 2023

Bulgaria: Whistleblowing and data protection - how to strike the balance?

In this Insight article, Violetta Kunze and Lilia Kisseva, from Djingov, Gouginski, Kyutchukov & Velichkov, explore whistleblowing and the need for protection. They discuss key points of the Bulgarian Law on the Protection of Persons who Report or Publicly Disclose Information about Breaches (the Whistleblowing Law), confidentiality, data protection challenges, and striking a balance between public interest and privacy.

June 2023

Bulgaria: The Bulgarian Whistleblowing Act - what you need to know

On February 2, 2023, Bulgaria passed its first Whistleblowing Act as part of the process of transposing the EU Whistleblowing Directive into national legislation. Hristina Dzhevlekova and Zhulieta Markova, from Wolf Theiss, discuss the main provisions of the Whistleblowing Act for whistleblowers and what this law requires of companies.

January 2023

Bulgaria: Health and Pharma Overview

May 2022

Bulgaria: Personal data protection risks of employee diversity and inclusion programs

In recent years, the issue of creating a working environment complete with diversity and inclusion has been increasingly raised. Nikolay Zisov and Deyan Terziev, from BOYANOV & Co., provide an overview of how the implementation of a diversity and inclusion program relates to provisions within data protection law, such as the data minimisation principles and purpose limitation.

March 2022

Bulgaria

Summary

Browse more content in Bulgaria

News

Insights

Get the Latest News

Thanks for signing up!

Company

Our Policies

Your Rights

Follow us