We have introduced a well-experienced background screening services which will help associations and organizations to grow in future. Verification checks can spur worries into the minds of the people who have ill-intentions.

In Bulgaria, background verification is conducted by Background Check Group in such a way that it does not disrupt the reputation of the firm. Through these background verification checks we are forming a database that would be maintained by associations and other regulatory bodies.

We can say for sure that our services will help mitigating the risk factors of handling unfair matters in the company. These services will facilitate screening of every nook and corner of the organization and widely explain which employee is to be recruited or which is not and what all is to be kept in mind in saving the recognition.

Background verification checks are to be conducted all over Bulgaria including Burgas, Blagoevgrad, Dobric, Haskovo, Jambol, Pleven, Pernik, Pazardzik, Plovdiv, Ruse, Sofia, Stara Zagora, Sliven, Sumen and Varna. All these states are performing well in their respective areas. Further information on the particular subject can be obtained by going on to info@backcheckgroup.com.



*Note: This is just a sample report. It may change according to your requirements and country


Data Protection


Contribution Details
Wolf thesis

Anna Rizova



Bulgaria implemented the EU Data Protection Directive 95/46/EC with the Personal Data Protection Act (In Bulgarian: Закон за защита на личните данни), promulgated in the State Gazette No. 1 of 4 January 2002, as amended periodically (“Act”). The Act came in force on
1 January 2002.

The Act was last amended by the State Gazette, Issue No. 81 of 29 December 2011.

Definition of Personal Data

Personal data means “any information relating to an individual who is identified or can be identified directly or indirectly by ID or by one or more specific signs”.

Definition of Sensitive Personal Data

Sensitive personal data means personal data:

  • revealing racial or ethnic origin;
  •  revealing political, religious or philosophical beliefs, political parties or organisations, associations with religious, philosophical, political or trade union purposes; or
  • Concerning health, sexual life or the human genome.

National Data Protection Authority

The Bulgarian data protection authority (“DPA”) is the Personal Data Protection
Commission (In Bulgarian: Комисия за защита на личните данни):
15 Academia van Evstatiev Geshov Str. Sofia 1431

Unless an exemption applies, prior to initiating any personal data processing data controllers must apply for registration with the DPA. The registration covers the data controller and
the personal data registers controlled by it. Changes to the initial registration will require notification of the DPA prior to implementing such changes. The registration is free of charge. The DPA support the following public registers:

  • register of registered data controllers;
  • register of data controllers exempt from registration; and
  • register of data controllers with refused registration.

The prior notification shall inter alia specify the following information (as outlined in the DPA
standard notification forms):

  •  Application Form covering data controllers’ details, such as:
  • the controller’s identification details;
  • the controller’s location;
  • whether the controller processes data for the purposes of defence, national security, public
    order or criminal proceedings;
  • the controller’s main activity;
  • whether the purpose and the means of processing are determined by the controller or by
    the law;
  • whether the data is processed by the controller or data processor; or
  • the number of data registers.
  • Registry Description Form covering each separate register:
  • name and full address of the register;
  • the purpose(s) of the processing;
  • legal ground of the processing;
  • whether automatic or non-automatic means are used;
    the categories of data subjects;
  • the categories of personal data processed, including sensitive data (if processed);
  • the recipients or categories of recipients of the personal data;
  • whether a data transfer to foreign countries is required and the specific countries;
  • sources for collection of the data;
  • whether an explicit consent of the data subjects is available; and
  •  descriptions of technical and organisational measures for data protection in accordance
    with DPA regulation.
  • Exemptions apply in the following situations:
  • data controllers operating the public register on the basis of law which is publicly accessible
    or accessible to those who have a legal interest;
  • non profit making organisations carrying out enumerated processing; and
  • data controllers explicitly exempt from registration by the DPA on the basis that the processing does not endanger the rights and legal interests of data subjects. The rules and conditions for this exemption are specified in a special regulation of the DPA. In such cases the data controller should apply for and obtain the DPA’s decision on the exemption of registration. However, such decision would not relieve the respective data controllers from the DPA’s control under the Act.


Data Protection Officers

There is no legal requirement in Bulgaria for organisations to appoint a data protection officer (“DPO”). Appointment of a DPO is recommended since it helps to build and develop a focus for data protection compliance efforts. It would be a positive signal to the DPA who may investigate the company that the company takes data protection compliance seriously.

At the beginning of 2009 the DPA proposed a Draft Amendment of the Act and initiated public discussion. One of the proposed amendments provided an obligation on data controllers to appoint a specially trained DPO. The Draft Amendment is still under discussion and internal preparation by the DPA, but it is a sign of its understanding of the necessity of a DPO.


Collection and Processing

Any personal data must be processed in a way that is consistent with the following general

  • processed fairly and lawfully;
  • processed only for specific and legal purposes and used only for the purposes stated at the
    time it is collected;
  • adequate, relevant and not excessive for the purposes for which it is processed;
  • accurate, complete and where necessary kept up to date;
  • not kept in a personally identifiable form longer than necessary;
  • processed in accordance with the rights of the data subject under applicable law;
  • kept securely; and
  • not transferred to countries that do not have adequate data protection laws unless the data
    exporter takes certain specific steps to ensure that the data is adequately protected.
  • In addition to the general principles above, data controllers may only process personal data if one of the following conditions are satisfied:
  • the processing is pursuant to a statutory obligation of the data controller;
  • the respective person has provided his/her explicit consent;
  • the processing is necessary for the performance of a contract to which the data subject is a party;
  • the processing is necessary for the protection of the life and health of the data subject;
  • the processing is necessary for the controller to carry out certain duties, in the public interest or by virtue of law; or
  • the processing is necessary for the purpose of legitimate interests pursued by the data controller or data recipients, provided that the interests of the data subject are protected.
  • Should the personal data be considered “sensitive” specific processing conditions must be satisfied.
  • Whichever of the above conditions is relied upon, the controller must first provide the data subject with certain information, unless an exemption applies, namely:
  • identification data of the controller and its representative;
  • the purposes for which the data will be processed;
  • the recipients or categories of recipients to whom the personal data may be disclosed;
  • whether the provision of personal data is obligatory or voluntary and the consequences if the data is not provided (applicable if the data is gathered directly from the person to whom it relates);
  • the categories of personal data relating to the respective individual (applicable if the data is not gathered directly from the data subject); or
  • information about the right of access to the data and the right to rectify the collected data. The prior notification obligation is not applicable to a data controller who does not collect the data directly from the data subject and where one of the below conditions is present:
  • processing is made for statistical purposes or for the purposes of historical or scientific research and the provision of the data is impossible or would involve a disproportionate effort;
  • recording or disclosure of data is explicitly laid down by law; or
  • the individual to whom such data relates already has the required information.


The transfer of personal data within the European Union (“EU”) and European Economic Area
(“EEA”) is free and should be in compliance with the applicable Bulgarian data protection law.

The transfer of personal data outside of the EU and the EEA is permissible only on the condition that the recipient state can ensure an adequate level of personal data protection within its territory. The assessment concerning the adequacy of the level of personal data protection in the recipient state should be made by the DPA.

The DPA should not undertake an assessment where a decision of the European Commission has to be implemented whereby the European Commission has ruled that (1) the country to which the personal data are transferred has ensured an adequate level of protection; or
(2) certain appropriate contractual clauses are in place ensuring the adequate level of protection
(the EU model contractual clauses).

The DPA has still not issued any statement of approval or recognition regarding the use of binding corporate rules (“BCR”). Should the DPA consider that the protection level of personal data protection in the recipient state is unsatisfactory, it may prohibit the personal data transfer. Even in such a case, the DPA may authorize the transfer should the data controller provide sufficient warranties with respect to the protection of the individual’s fundamental rights. In any case, the data controller should notify in advance the DPA of its intention to transfer personal data to countries outside the EU and EEA by specifying the countries of transfer, the purpose of the transfer and the categories of personal data subject to transfer.


Data controllers must implement appropriate technical and organisational measures to protect personal data against accidental or intentional destruction or loss, unauthorized disclosure or access, amendments or distribution and against all other unlawful forms of processing. Data controllers must implement special protection measures in cases of electronic data transfer.

The minimum level of technical and organisational measures, as well as the admissible type of protection are specified by the DPA in a regulation. The Act requires data protection measures to be specified in an internal instruction issued by the data controller and to be announced in the registration application before the DPA.

Breach Notification

The Act does not provide for a data security breach notification duty.


The DPA is responsible for the enforcement of the Act. Either acting ex officious or upon a complaint from a data subject the DPA is entitled to: (i) initiate an investigation; (ii) provide mandatory instructions, including but not limited to order the database to be erased when
it does not comply with the data protection regulations; (iii) provide a mandatory term for rectification of the breach; (iv) temporarily prohibit any unlawful data processing, after preliminary notification (temporary prohibition of data processing could be imposed also in case of failure by the data controller to comply with the Commission’s mandatory instructions); and (v) impose administrative sanctions.

Administrative sanctions in the form of fines for violations of the Act range from BGN 10,000 to BGN 100,000 (approximately EUR 5,000 to EUR 50,000).

Data controllers are liable for any damage caused to an individual as a result of unlawful processing or by breaching the technical requirements of data protection. The data controller is also liable for any damage caused by a data processor acting on behalf of the data controller.

The DPA decisions are subject to appeal before the Bulgarian Supreme Administrative Court within 14 days of receipt and the data subject may, in the case of an infringement of his/her rights under the Act, appeal against actions and acts of the data controllers before the relevant administrative court or the Supreme Administrative Court, as the case may be, in accordance with the general rules governing jurisdiction.

The transfer or distribution of computer or system passwords which results in the illegitimate disclosure of personal data constitutes a crime under the Bulgarian Criminal Code (promulgated in the State Gazette No. 26 of 2 April 1968, as amended periodically) and the penalty for such a crime includes imprisonment for up to three years.

Electronic Marketing

Data protection of electronic marketing falls under the general regulations of the Personal Data Protection Act which currently requires the explicit consent of the data subject for processing of his/her personal data.

There are grounds for lawful processing of personal data (as mentioned above) but taking into account their limited and specific scope, for e-marketing specific purposes, the explicit consent of the data subject is likely to be necessary. The absence of a special legal framework concerning exclusively data protection in e-marketing makes the opt-in regime the only possible legitimate method of pursuing e-marketing. This is further supported by the current regulations concerning direct marketing activities.

The Bulgarian E-commerce Act explicitly requires, when it comes to direct marketing to natural persons, the opt-in mechanic to be mandatory applied. Moreover, after the natural person’s consent is provided, the person shall always be given the opportunity to opt-out from the direct marketing network and refuse his/her personal data to be further processed for such purposes.

Online Privacy (Including Cookies and Location Data)

Again neither the current Personal Data Protection Act nor any other legislative act in force, Recognizes a specific framework or protection for processing of personal data as part of any kind of online activities, including cookies and traffic and location data. In the absence of specific rules, the general regime for processing of personal data shall apply and the data controller shall insure one of the above mentioned grounds to process the data lawfully is satisfied.

Police Background Check Procedures

Who can apply?

  •  Individuals must apply, prospective employers cannot apply.
  •  Third party applications are accepted, on production of completed third partyapplication form, certificate of inheritor or with a power of attorney.

Consult your nearest Bulgarian embassy for more information.


  •  Local applicants must send their application form (linked below) to the Central Office of Criminal Records, Ministry of Justice (see below).
  •  External applicants must consult their local consulate/embassy (see below).

What must the applicant supply?

  •  Completed application form
  •  ID card or passport
  •  Original birth certificate
  •  Receipt of fee payment
  •  In cases of name alterations, an Identification of Names Statement.

What are the costs/turnaround?

  •  For Local Bulgarian applicants: BGL 5 (approx. GBP £2); foreign nationals in Bulgaria: BGL 2

(approx. GBP £0.85) with direct applications in Bulgaria, turnaround is up to 3 days.

  •  For applications through an Embassy: around £20; turnaround time will be available on application to an embassy.

Contact Details

Local applicants must consult:

Central Office of Criminal Records

Ministry of Justice

5 Aksakov Street

1040 Sofia Bulgaria

Tel: + (0035) 929 237 355

Fax: + (0035) 929 881 142


External applicants must consult:

Bulgarian Embassy in London 186-188 Queen’s

Gate London


Tel: 00 44 207 584 9400


Bulgaria – Know Your Customer (KYC) Rules

Bulgaria‘s developing financial sector, large underground economy, prevalent use of cash transactions and lack of effective enforcement combine to make Bulgaria vulnerable to money laundering. The main sources of laundered money in 2011 were derived from domestic and foreign criminals engaging in drug trafficking, smuggling, human trafficking, tax fraud, credit card fraud, and increasingly, internet fraud. Bulgaria is a major transit point for the trafficking of drugs and persons into Western Europe. Corruption remains a serious problem and many still associate public tenders with kickbacks and money laundering. Financial crimes enforcement capacity is limited. The authorities opt for easy-to-prove, low-level corruption and related money laundering cases. As a result, progress on cases of high public interest, involving alleged siphoning of millions of taxpayer money, such as the public procurement of big energy infrastructure projects, have not generally been pursued.

Bulgarian criminals often establish small businesses to hide laundered funds, increasingly in offshore territories. However, due to the adverse effects of the economic crisis, businesses are seeing less profit, making it more difficult to launder money in these venues. In 2011, casinos, night clubs, car dealerships and, to a lesser extent, wholesale traders, were the most common businesses associated with money laundering in Bulgaria. The tourism and gaming industries are considered important venues for money laundering activities among organized crime groups.

There are six free trade zones in Bulgaria that are supervised by the Ministry of Finance: Burgas, Vidin, Ruse, Svilengrad, Plovdiv and Dragoman. The goods produced in these zones are exported without duties. While this is becoming less common due to Bulgaria‘s EU membership, some believe free trade zones are used to avoid paying customs fees, especially on gas derivatives and cigarettes sold within Bulgaria.

Contraband continues to generate laundered funds within the Bulgarian financial system, particularly the trade in smuggled cigarettes, alcohol, and fuel. According to the NGO Center for the Study of Democracy, the smuggling of cigarettes is particularly problematic, creating an illicit income stream in excess of $400 million annually in 2010 – 2011.


Enhanced due diligence procedures for PEPs:

A PEP is an abbreviation for Politically Exposed Person, a term that describes a person who has been entrusted with a prominent public function, or an individual who is closely related to such a person. The terms PEP, Politically Exposed Person and Senior Foreign Political Figure are often used interchangeably

    • Foreign PEP: NO
    • Domestic PEP: YES

Bulgaria – KYC covered entities

The following is a list of Know Your Customer entities covered by Bulgarian Law:

    • Banks
    • Money exchangers
    • Insurance companies
    • Investment funds
    • Notaries
    • Gambling businesses
    • Securities dealers
    • Real estate brokers
    • Political parties
    • Sport clubs
    • Accountants
    • Private enforcement agents

Bulgaria – Suspicious Transaction Reporting (STR) Requirements:

Number of STRs received and time frame: 1,058 from January to September 2011

Number of CTRs received and time frame: 162,181 from January to September 2011

The following is a list of STR covered entities covered by Bulgarian Law:

    • Banks
    • Money exchangers
    • Insurance companies
    • Investment funds
    • Notaries
    • Gambling businesses
    • Securities dealers
    • Real estate brokers
    • Political parties
    • Sport clubs


Prosecutions: 34 from January to September 2011
Convictions: 29 from January to September 2011


The Government of Bulgaria (GOB) has undertaken steps to deter financial crimes and continues to track the number of money laundering prosecutions and reports of suspicious financial transactions. The GOB has introduced legislation to allow civil asset forfeiture independent of a criminal conviction, which would make it more difficult for criminals to hide and launder illegal assets. The GOB also should make legal persons subject to criminally liability for money laundering offenses.

Aggressive prosecution of money laundering cases is hampered by the reluctance of key witnesses to testify against organized criminal groups; lack of incentives to motivate prosecutors to take on complex cases; and poor coordination and ineffective communication among police units. However, investigators and prosecutors are developing and implementing training programs, manuals and internal guidelines designed to strengthen their capacity to investigate these cases.

In 2011, roughly 95% of financial reporting was done by financial institutions. Reporting by non-bank institutions, such as gaming businesses, investment intermediaries, notaries and leasing companies continues to be low. This is likely due to the absence of effective regulatory control over the non-bank financial sector. The GOB also should make foreign PEPs subject to enhanced due diligence requirements.

The combination of a steep increase in excise duties on cigarettes, falling incomes during the financial crisis and the less stringent control on the EU internal border between Greece and Bulgaria has strained the capacity of Bulgarian customs to counter cigarette smuggling. However, Bulgarian customs and law enforcement agencies conducted several high-profile anti-smuggling operations in 2011, which led to the seizure of significant amounts of contraband.


Sovereign risk

A downgrade to BB in October 2014, from BBB, reflected fiscal loosening under the previous centre-left government and uncertainty about the likely longevity of the new centre-right coalition, given that the government lacks an outright majority in parliament. The Economist Intelligence Unit’s forecasts assume that the ruling coalition will pursue fiscal consolidation at a relatively slow pace, resulting in public debt rising sharply to around 30% of GDP in 2015 and 2016.

Banking sector risk

Banks have suffered a rise in bad loans, but have generally sound capital adequacy and are profitablealthough a notable exception, Corporate Commercial Bank (CCB), collapsed in mid-2014, owing to a liquidity crisis. Given Greek banks’ importance to Bulgaria, the recent election of an anti-austerity government in Greeceand uncertainty over Greece’s membership of the euro zonecould have an adverse impact on the Bulgarian economy.

Political risk

Although the political turmoil of the past 18 months has subsided, Bulgaria still faces political uncertainty following the formation of a minority government comprising the Citizens for European Development of Bulgaria (CEDB) and the Reformist Bloc (RB), which relies on the support of two other parties. Policy differences represent a risk to government effectiveness and political stability.

Economic structure risk

The economic structure risk rating changed to BB in June 2014, from BBB, when the 2014 public debt/GDP ratio was forecast to move above the 20% threshold. High private-sector external debt still poses a risk to macroeconomic stability.

Travel Risk


The decision to travel is your responsibility. You are also responsible for your personal safety abroad. The purpose of this Travel Advice is to provide up-to-date information to enable you to make well-informed decisions.


Petty crime is less widespread in Sofia than in most Western European cities. Nevertheless, petty crimes (such as pickpocketing, mugging and purse snatching) do occur, particularly at railway and bus stations, tourist sites and crowded areas. Some tourists have been victims of overcharging in clubs and have been threatened with violence if they did not pay. Be especially vigilant at tourist resorts along the Black Sea.

Vehicle theft occurs. Park in a guarded location, and always keep valuable belongings out of sight.

Organized crime

Organized criminal groups are active in casinos and nightclubs and are involved in prostitution. Although rare, violent crime, which includes bombings and shootouts generally attributed to turf wars between rival gangs, occurs.


Demonstrations occur and have the potential to suddenly turn violent. They can lead to significant disruptions to traffic and public transportation. Avoid all demonstrations and large gatherings, follow the advice of local authorities and monitor local media.

Road travel

Driving can be hazardous due to aggressive drivers, high speeds, poor road conditions outside major centres and a lack of traffic signs and lane markings. Do not drive after dark and be very cautious in winter. Animals are commonly found on rural roads, posing a risk. Confronting aggressive drivers is not recommended, as they may be armed.

Be cautious when crossing streets, as drivers do not always give pedestrians the right of way.

Police have been known to solicit bribes. While you may be delayed if you refuse to pay the bribe, there have been few reports of problems beyond inconvenience.

Public Transportation

Use only licensed taxis with meters. Verify the tariffs on the taxi’s window before entering it. At Sofia Airport, visit the taxis booth within the arrivals terminal to obtain a fair rate.

Rail services are generally poor by Western standards. It is preferable, therefore, to travel by inter-city buses, which are frequent, comfortable and relatively fast.

Most cities and larger towns have public transportation systems. There are regular bus services between most major towns in the country.

See Transportation Safety in order to verify if national airlines meet safety standards.

Spiked food and drinks

Never leave food or drinks unattended or in the care of strangers. Be wary of accepting snacks, beverages, gum or cigarettes from new acquaintances, as the items may contain drugs that could put you at risk of sexual assault and robbery.

General safety information

Carry adequate identification at all times. Keep a photocopy of your passport in case of loss or seizure.

Exercise a high degree of caution. Ensure that your personal belongings and passport and other travel documents are secure at all times. Valuables and important documents should be stored in a hotel safe. Avoid showing signs of affluence and carrying large sums of cash.

Emergency services

Dial 112 for emergency assistance.

Address Format




Georg Popandov
Kukush Str. 2, fl.6


Calendar GMT Reference Actual Previous Consensus Forecast
2015-02-13 09:00 AM Q4 1.2% 1.5% 0.68%
2015-03-06 09:00 AM Q4 1.3% 1.5% 1.2% 1.2%
2015-05-13 09:00 AM Q1 2.0% 1.3% 0.84%
2015-06-09 09:00 AM Q1 1.3% 2.0% 2.0%
2015-08-14 09:00 AM Q2 1.69%
2015-09-08 09:00 AM Q2
Translate »

Subscribe For Latest Updates

You will receive interesting updates about Background Screening

We will not leak your personal information