Privacy and data protection

Оne of the most frequently ordered services in the past years in Krasimira Kadieva’s practice are the services related to personal  data protection.  Krasimira Kadieva has gained an extensive experience and provides a wide range of legal services to the clients in the field of personal data protection, such as the registration of personal data controllers before the Commission for Personal Data Protection, legal advice related to the processing of personal data, drafting of a wide range of documents related to the processing of personal data, such as instructions on the protection of personal data, personal data processing agreements, terms and conditions, privacy policies, cookies policies, contracts containing clauses relating to personal data protection, etc. Clients who have been using the legal services in the field of privacy and data protection over the years are both service providers, software developers, digital agencies, graphic designers, e-shops, construction companies, pharmaceutical companies as well as small companies that are just starting their business on the Internet.

With regard to the recently adopted General Data Protection Regulation (GDPR), which will enter into force on 25 May 2018, Krasimira Kadieva advises her clients on the duties of administrators and personal data processors in line with the new requirements of the GDPR, as well as adapting the practice of clients with the new requirements of the Regulation. For the preparation of the business of clients for the implementation and compliance with the new Regulation, Krasimira Kadieva has developed the service “Implementing the General Data Protection Regulation”, which includes: – consultation on the implementation and compliance with the GDPR; assessment of the need to appoint a data protection officer; – providing of three manuals containing practical steps to implement the General Data Protection Regulation, detailed description of the duties of the data controllers and the rights of the data subjects and the terms and conditions for exercising the rights of data subjects under the Regulation; – preparation of the full set of documents (more than 50 documents) required for legal implementation and compliance with the Regulation, including various types of requests, declarations, notifications, confirmations, agreements, contracts, data protection policy, protocols, internal procedures, verification and control procedures, forms of providing information, impact assessments, internal registers, instructions on personal data protection measures, etc.

Services provided to clients in this area include, but are not limited to:

  • Registration of personal data controllers before the Commission for Personal Data Protection;
  • Legal advice related to the processing of personal data;
  • Drafting of a wide range of documents related to the processing of personal data;
  • Drafting of instructions on the protection of personal data;
  • Drafting of personal data processing agreements;
  • Drafting of terms and conditions;
  • Drafting of privacy policies;
  • Drafting of cookies policies;
  • Drafting of contracts containing clauses relating to personal data protection;
  • Preparation of controllers’ and processors’ business according to the new General Data Protection Regulation (GDPR) requirements;
  • Consultations regarding the preparation for the implementation of the new General Data Protection Regulation (GDPR);
  • Preparation of the full set of documents (more than 50 documents) required for legal implementation and compliance with the GDPR, including various types of requests, declarations, notifications, confirmations, agreements, contracts, data protection policy, etc.

EACH CLIENT WILL RECEIVE A FREE E-BOOK CONTAINING ARTICLES WITH USEFUL INFORMATION ABOUT TRADEMARKS.

FOR YOUR NEXT ORDER OF ANY OF OUR SERVICES YOU WILL RECEIVE UP TO 15% DISCOUNT.

PUBLICATIONS

Specifics of the registration of data controllers
Instruction under Ordinance No. 1 of 30 January 2013 for the minimum level of technical and organizational measures and the allowed type of personal data protection
Drafting a privacy policy
Drafting a cookies policy
Obligations of the controller under Regulation (EU) 2016/679
Rights of data subjects under Regulation (EU) 2016/679 (GDPR)
Performing an impact assessment of the envisaged processing operations of the protection of personal data
The different retention periods for storing the personal data of job applicants that employers must comply with
The Court of Justice of the European Union annulled the EU-US Privacy Shield
Unsolicited commercial communications
What personal data can potential employers require from job applicants? Term for storage of personal data of job applicants.
Targeting consumers on social media platforms
Submitting a signal and a complaint before the Commission for Personal Data Protection in Bulgaria
Implementation of the GDPR in Bulgaria several years after the entry into force of the Regulation. The most common infringements of personal data protection rules.
Data Protection Officer
Difference between a Data Controller and a Data Processor
Principles relating to the processing of personal data
Personal data processing operations for which prior consultation is mandatory