“Velinov & Partners” Consulting House was invited to participate in “Capital’s” special edition, i.e. “Capital Business Report”, with a material dedicated to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (broadly known as GDPR) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data Our law firm, being a leader in the field of personal data protection, already works on the implementation of the provisions laid down in the Regulation which will enter into effect on May 25th 2018. The process of practical implementation of the new rules should have already been concluded by then. Capital’s special profiled edition – Business reports, is entirely aimed at maintaining a discussion on particular activities which need to be executed by the companies in order to meet the updated data privacy provisions as stipulated in the EU Regulation. In our material which was published in the magazine, Attorney at law Asen Velinov addresses the reasons why a legal consultation is a necessity when implementing GDPR’s requirements, also on the rights natural persons have and the means for protecting one’s rights which are provided by the Regulation, as well as on other useful aspectsconcerning the business. “Capital Business Report” is distributed only to subscribed Clients of “Capital”. The full text of the article published in the magazine is available below.The team of “Velinov and Partners” Consulting House
It is strongly recommended that the process of bringing a company to a state of compliance with GDPR’s requirements involves a review by Lawyers In the effort of protecting the company’s interests and providing the highest level of protection, it is vital that the process is assigned to an individual with the necessary knowledge in the field of personal data as well as being familiar with the company’s activities. For the past 15 years “Velinov and Partners” Consulting House has been one of the leading law firms in Bulgaria in the fields of civil and administrative law, and more particularly the field of commercial law, contract law, property law and public procurement law. The team comprises of ambitious lawyers who have a solid professional background, qualifications and abide by the highest standards. The managing partners, Svetoslav Gerdzhikov and Attorney at law Asen Velinov are at the head of the team. At the end of February Asen Velinov participated at the “Are we ready for GDPR?” Conference as its main speaker. “Legal advice on the implementation of the Regulation and the alignment with its requirements is of pivotal importance for each organization. The practical enactment of GDPR requires possessing an in-depth knowledge and understanding of data privacy regulation in a broader sense which includes legal acts on both European and local national level. Taking the particularities and specificities of the matter as well as the low number of well-prepared specialists in the field we believe that our involvement in the preliminary stage of the process would ensure highest level of compliance and protection. Like any legal act, REGULATION (EU) 2016/679 should be examined, analyzed, interpreted and applied by lawyers. This regulation has a very specific technical aspect to it, aimed to a great extent at software solutions, it strongly requires the involvement and participation of IT specialists. Participation in the internal analysis of the company’s activities, as well as the following implementation of the necessary organizational measures should be assigned to an individual who has the necessary knowledge and insight in the field of data privacy. The right person should be aware of the activities and the complex and specific structure of the company and legal background is imperative. This includes the creation of a large set of documents (or update, if such already exist), e.g. registers, internal rules of procedure, declarations and standard contractual clauses also the proper training of the company’s employees etc. We provide all of this in close collaboration with IT specialists, which are specifically trained in data privacy in the digital environment. Professional approach and qualifications needed for the performance of services and trainings which we provide as well as the broad and rich experience in the legal field, attributive to the team of “Velinov & Partners” Consulting House testify to the quality of the offered services and ensure that data privacy protection in your company is in good hands. “Attorney at law Asen VelinovNatural persons whose personal data is being processed dispose of the following rights:Rights:• Right to receive information• Right of access• Right to rectification• Right to restriction of processing• Right to data portability• Right to object• Rights when individual decision making is made automatic• Right for erasure, the so called “right to be forgotten Means for protection one’s rights:• Right to to lodge a complaint with a supervisory authorityRight to an effective judicial remedy against a controller or processorRight to an effective judicial remedy against a supervisory authority• Right to be represented by a not-for-profit body, organisation or association• Right to receive financial compensation Having the rights described above, each individual can request the relevant Controller/Processor of personal data to comply with the requirements as per those rights or protect oneself in case of refusal. When a natural person’s rights are violated, the relevant compensation can be claimed. It is mandatory for a company to designate a Data Protection Officer, when one of the following apply:• The Controller of personal data is a public authority or structure;• When personal data processing is of such nature, scope and/or purposes which require regular and systematic large scale monitoring of data subjects and/or their personal data;• the core activities of the controller or the processor consist of processing on a large scale of special categories of data and personal data relating to criminal convictions and offences.It’s important to have in mind that each supervisory authority in the field of data protection for another EU member-state can perform audits of the compliance to the Regulation’s rules by Bulgarian Controllers/Processors whenever the rights of data subjects who are citizens of this country have been violated.