The amount of information being held by organisations is increasing exponentially, as is the frequency with which information is transferred between organisations and individuals. Our focus is on providing clear guidance that cuts through the complex regulatory framework and goes further than routine black letter advice.

Data protection and data privacy has never had a higher profile. Today individuals, organisations and regulators are more and more aware of the importance of ensuring that data is used properly and in accordance with legitimate purposes and that it is held and processed securely. Imminent European law reform and the General Data Protection Regulation (GDPR), with its more stringent rules and increased penalty regime (which may be linked to annual turnover) means that the importance of compliance will become more acute for all organisations.

Demonstrating compliance with the data protection legislation and the GDPR requires organisations to develop clear policies and procedures to protect personal data.  Breaches of the rules may lead to significant reputational damage for organisations. Additionally, the financial penalties that can be levied for breaches are becoming increasingly severe. Undoubtedly the future will entail an increase in the data protection compliance obligations of all organisations that collect, hold and/or process personal data as part of their operations (both home and abroad). We can help you meet these challenges, be it advice on future-proofing now for the changes ahead, or wider compliance strategies.

We will work closely with you to help you to lawfully collect and exploit data. At the same time, we can help you ensure you have the right policies, processes and security in place to manage the risk of data misuse, breaches, data theft and hacking.

We understand the law and also the way it is applied by the regulators. We are often in touch with them. We offer practical advice on all data issues, from innovative technology such as eHealth, wearable technology and virtual reality, to more straightforward data protection compliance.

We provided an international broadcaster with detailed advice on EU’s current and proposed data protection regime. We guided a Bulgarian retailers on applicable data and privacy laws.

We advise a number of clients on the implementation of collecting, hosting and analyzing personal, including dealing with issues such as ‘profiling’ and targeted messaging.

Our expert team provides advice in respect of a full range of data protection and information governance related issues. Certain areas of advice include advice on the GDPR, dealing with data breach issues and notifications, preparation of data protection notices on websites and other marketing materials, assisting companies to develop compliance guidelines and carry out data protection audits, advice on data protection in the employment setting, including issues arising from employee surveillance, preparing confidentiality agreements.

Main contacts

IRINA STOEVA

Partner
Tel: +359 (2) 954 6106
Email: irina.stoeva@stzlaw.eu
View Profile

 

MIROSLAVA IORDANOVA

Senior Associate
Tel: +359 (2) 954 6106
Email: miroslava.iordanova@stzlaw.eu
View Profile