General Data Protection Regulation (GDPR)

Are you ready for the new era in data protection?

On 25 May 2018, GDPR came into force, revolutionising the way that personal data are used and handled. Controllers and processors of personal data need to adhere to the new regulation in order to be compliant.

GDPR introduces a number of changes to the rules governing the protection of personal data, such as:

• obligation to maintain a record of processing activities;
• obligation to apply personal data protection at the design phase (e.g. for IT solutions);
• obligation to perform a privacy impact assessment;
• obligation to notify the data protection authority of data protection breaches;

Risk of non-compliance with GDPR for your organisation:

• Financial
Failure to comply with the provisions of the new regulation may result in the imposition of a financial penalty by the data protection authority (up to EUR 20 million or 4% of annual turnover).

• Reputational
The potential for significant brand damage, litigation and media reporting of an incident is clear and could have a serious reputational impact.

To support you in the implementation of the new regulation, we have a team of experts ready to help you with your GDPR implementation efforts. Our services include:

GAP ANALYSIS

Analysis of the current status and assessment of the compliance level with GDPR.

View more

ACTION PLAN

Creation of an action plan with prioritized solutions based on risk classification of gaps identified during the gap analysis.

View more

DEVELOPMENT OF DATA PROTECTION DOCUMENTATION

Development of policies, procedures, internal documentation. Comprehensive support for the introduction of new or modified processes and measures.

View more

POST-IMPLEMENTATION REVIEW

Check your compliance status after implementation from documentation and practical point of view. Gap analysis and tests of personal data protection systems – people, processes, technology.

View more

INTRODUCTION AND REGULAR TRAINING

Preparing training in personal data protection, including e-learning courses (presentations, outlines). Carrying out training in personal data protection as part of the data protection organizational measures applied by your company.

View more

DATA PROTECTION INTERNAL CONTROLS

Assistance in development of data protection control plan enabling the company to control and continuously improve its data protection environment.

View more

CONTINUOUS MONITORING AND SUPPORT

Privacy by design for new changes and implementations.

View more

REGULATORY ASSISTANCE

Support in your daily cases related to data protection issues and questions.

View more

REVIEW AND ANALYSIS OF BULGARIAN LEGISLATION

Analysis of local legislation (when in force) and assessment of compliance level in your organization.

View more

CODE OF CONDUCTS

Support in creation of code of conduct on sectorial level.

View more

Read more in our brochure: GDPR is effective now!

Contact us:

Request a proposal
Follow us
Industries Energy, utilities and mining Financial services Public sector Real estate Retail and consumer Technology, information, communications and entertainment Transportation and logistics
Services Assurance services Advisory services Tax services Risk assurance services Payroll & HR administration services GDPR
PwC's Academy Portfolio of courses and certifications Calendar of open seminars Mini MBA Program ACCA Foundation in Accountancy (FIA), ACCA Shaolin Courses
Careers
Publications
Press room
About us Leadership Team Code of conduct Global third party code of conduct Transparency report Corporate responsibility Your 25 Reasons to Choose Bulgaria Charity Auction 'Give a Hand' Office & Contacts

© 2017 - 2021 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.