GDPR Compliance - Head Office

Bring the Privacy Policy in your company by trusting the experts of Kreston BulMar.
With our special service every company can rapidly implement it and afford it!

On May 25, 2018 the General Data Protection Regulation, known as the GDPR entered into force. It does not matter whether you are registered as a personal data administrator or have the capacity of a processor -EVERY BUSINESS WHO WORKS WITH PERSONAL DATA OF INDIVIDUALS IS OBLIGED TO COMPLY WITH THIS REGULATION. Every company needs to analyze its processes related to the processing of personal identification information, assess the risk of data protection, and implement the necessary procedures for their processing and protection.

What Our Service is?

As a responsible consulting company, we at Kreston BulMar have set up a large GDPR team and put in a huge resource to thoroughly study the Regulation and all guidelines and instructions for its implementation given by the European Commission's special working group. This allowed us to overcome all the inherited myths regarding GDPR and to create an understanding of what is necessary as a minimum and what is sufficient to make a small, medium or large business meet the requirements of the Regulation.

We understand that in order to put in place new rules in a company, they need to be illustrative, concise, clear and easy to apply. That is why we have made a huge effort to develop a model for simplified policies and procedures that are well illustrated so that each company can quickly implement them into their business by easily and quickly training all employees who will have to apply them.

For even greater ease, for each company, we adapt the Quick Start Manual, through which each employee can quickly be trained over the entire data processing and data protection system, and then easily recall what needs to be done on each individual procedure. You can see below how we illustrate the procedures that will have to be followed with you.

We‘ve made all that because if you have just a few procedures that people do not understand and do not apply, it means that the probability of a personal data protection problem to occur is great, and the likelihood of being imposed a penalty is also very high.

Project Phases

1. Conducting an interview to analyze processes that are related to personal data processing within your business. 1-2 working days from
the start of the service
2. Assessing your company's GDPR compliance and concluding on the necessary policies, procedures and documents that should be applied to your company's business. 8-10 working days after
the completion of Phase 1
3. Preparation of an impact assessment on offence or misconduct relating to personal data with respect to the risks of various probability and degree for the rights and freedoms of individuals, on the basis of which all processing policies and personal data protection measures are prepared. 8-10 working days after
the completion of Phase 1
4. As a result of the compliance analysis and impact assessment, preparation of a package of tailored documents for GDPR compliance in your company, incl. policies, procedures and documents to be applied and submitted to the supervisory authorities in case of inspection. 8-10 working days after
the completion of Phase 1
5. Preparation of an Instruction for the application of the documents provided in phase 4 in the activity of your Company. 8-10 working days after
the completion of Phase 1

Price of the Service

Number of employeesPrice BGN
up to 5 people 1 250
6 to 10 people 1 750
11 to 50 people 2 500
51 to 100 people 3 500
101 to 250 people 5 000
over 250 people 7 000

Contacts

Nina Stoeva 0878 150 067 GDPR@bulmar.com
Dimitar Yanev 0877 034 147
Tsvetelina Paskova 0877 034 140
Deyan Rizov 0879 638 000
Plamen Stefanov 0876 637 000
Lachezar Mikov 0879 518 000
Ivelin Uskov 0879 576 000

Some of the myths and misconceptions regarding GDPR compliance process

  • Myth No. 1: GDPR is yet another administrative burden on companies.
    Absolutely NOT! The spirit of GDPR is not to create additional administrative burden, but to introduce a uniform EU-wide rules and procedures on personal data processing. Moreover, the Regulation even exempts companies employing up to 250 people from having to keep certain registers in order to reduce the administrative burden on them.
    Many consultants and analysts who are not well familiar with GDPR, or perhaps willing to earn more based on people’s fear, try to create the impression that GDPR compliance is a very difficult process to implement and is very cumbersome from an administrative point of view.
    It should be noted that the GDPR does not differ significantly from the current Directive or from Bulgari’s Personal Data Protection Act, but simply unifies the rules throughout the Union and enforces with enormous stringency their compliance.
    Last but not least, let's honestly say that every person would like to feel secure regarding their personal data, and this can be achieved with more order and rigor on those who are processing the same.
  • Myth No. 2: The GDPR compliance process is a very complicated and long one.
    Yes, the process could be complicated and long, if you yourself set the goal to study GDPR and all guidelines and practices related thereto to build and implement your own internal rules to comply with the Regulation and avoid high penalties.
    However, if you hire a suitable consultant, the GDPR compliance process is done with much less effort and within much shorter deadlines –2-3 weeks.
  • Myth No. 3: Using a consultant to get your trough the GDPR compliance process is very expensive.
    Yes, until recently, while services in the field were still exotic, the prices were very high – tens of thousands of Bulgarian leva, and the process continued for months.
    Excessive prices come from consultants who do not have available well-built methodology to quickly assess problem areas and quickly provide the necessary solutions because it takes them many, many man hours that the client has to pay. When selecting a suitable consultant with a well-built working methodology, the GDPR implementation is done at a very affordable price and for very short deadlines.
  • Myth No. 4: GDPR compliance requires costly technological solutions
    Absolutely NOT! No such requirements are set anywhere in the GDPR. In general, it is sufficient for the company to create a good internal organization of personal data on licensed operating systems, networks and applications. A well-trained consultant will provide you with the appropriate processes to ensure that the personal data you maintain is reliably protected, in accordance with GDPR, with the available licensed operating systems, networks and applications.

Location

1

Nishka str. 172

Contact person
Nina Stoeva
nstoeva@bulmar.com

Our team

Nina Stoeva

Prosecutor
close

Nina Stoeva

Prosecutor

Нина Стоева е завършила Нов Български университет. Към екипа на Kreston BulMar се присъединява през 2014 г. От 2015 г. е адвокат, а така също и част от Адвокатско дружество „LEGALEX”. Зад гърба си има над 100 професионални публикации и около 10 изнесени семинара по трудово-правни теми. От няколко поредни години сътрудничи на Световната банка, като дава професионални становища по въпроси, свързани Дружествено право. В годините има натрупан процесуален опит в трудово-правни и дружествени казуси. Има богат опит по изготвяне и коригиране на всякакви видове договори.

close

Slavi Mikinski

Attorney at law

Slavi Mikinski is a Master of Law graduated from the Sofia University St. Kliment Ohridski, and since 2006 is a member of the Sofia Bar Association. He has specialized in American Institutions and Law at the Tulane University in the United States and American Business Law at Texas University in the United States. Since 2009 he has been chairman of the Sofia Court of Arbitration. His professional competence covers the areas of commercial, tax, labor, insurance and property law. Working languages - Bulgarian and English.

Slavi Mikinski grew up in the city of Veliko Tarnovo. He is married with two children. Loves to travel. In his free time he is practicing sports and likes to read.

close

Anelia Batleva

Attorney at law
close

Tsvetelina Paskova

Attorney at law
close

Lachezar Mikov

Legal adviser

Our publications in the expert site balans.bg

  1. Кога можем да наложим дисциплинарно наказание или да уволним дисциплинарно
  2. Данък върху разходите – кои разходи и кога се облагат с този вид данък?
  3. Предоставянето на стипендии - данъчно облекчение за бизнеса
  4. Годишната данъчна декларация на Физически лица
  5. Обезщетение при прекратяване поради болест на служителя
  6. Промени в осигуряването през 2016 година
  7. Прехвърляне на майчинство на бащата
  8. Годишната данъчна декларация за Физически лица се подава до края на април!
Total Publications: 156
  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. 7
  8. Next

Other services from Head Office