The application of the General Data Protection Regulation (Regulation (EC) 2016/679) started on 25 May 2018. The Regulation protects the personal data of all persons within the EU.
CPDP adopted a Strategy for Development in the Field of Personal Data Protection - "Horizon 2022". An integral part of the Strategy is the Action plan for its implementation.
October marks the kick-off of the European Cybersecurity Month (ECSM), coordinated by the European Union Agency for Cybersecurity (ENISA), the European Commission and supported by the Member States. This campaign will focus on expanding awareness about cybersecurity to citizens across Europe. The ... more
The Commission for Personal Data Protection (CPDP) along with the International Legal Advice Centre – ILAC are organising International Cybersecurity Forum, which would be the first event of its kind in Bulgaria, focusing on Cyber Policies. Some of the main topics of discussion would focus ... more
The National Assembly ratified the Protocol amending the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data
The National Assembly ratified by law the Protocol amending the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention ETS No. 108) on the 11th of September 2019. The Convention for the Protection of Individuals with regard to Automatic ... more
Information on notifying DSK Bank EAD customers about a possible data breach and unauthorized processing of their personal data
In relation to the large numbers of received queries about the recently established data breach of unauthorised access and processing of the personal data of DSK Bank EAD customers, the Commission for Personal Data Protection (CPDP) would like to inform about the following: Regulation (EU) 2016/679 ... more
During the one-month inspection undertaken by the Commission for Personal Data Protection (CPDP) over the processing of data by the National Revenue Agency (NRA), it was established that, in the course of its internal procedures, activities and processing, the Agency, as a data controller, has ... more
The Chairman of the Commission for Personal Data Protection has issued a Penal Order to DSK Bank EAD
Today, 28.08.2019, pursuant Art. 87, para. 3 of the Personal Data Protection Act, Mr Ventsislav Karadjov - Chairman of the Commission for Personal Data Protection, after an investigation regarding processing of data of DSK Bank EAD, issued a Penal Order for violation of Art.32, §1(b) ... more