By “information technology” (IT) we understand the use of computers and computer systems for data/information processing. IT law regulates the public relations that arise and develop in connection to the use of different information technologies. Such relations are for example:

  •  E-commerce and information society services;
  •  Electronic documents and certification services;
  •  Protection of competition, consumers and other rights and interests on the Internet;
  •  Social networks and information sharing on the Internet;
  •  Protection of personal data and information;
  •  Information security and cryptography;
  •  Data ethics and data protection by design, etc.

Gospodinov & Genchev’s team will not only guide you through the sea of IT regulations but will also offer you a specialized in-depth assistance in the implementation of data protection and information security regulations. Moreover, we will offer protection of your intellectual property rights as they are particularly vulnerable in the digital environment.


IT, e-commerce and data protection are the most popular and demanded areas of our expertise. Our team members are well-trained and have all the necessary technical competences to navigate quickly and communicate adequately with the IT community.

Attorney Gospodinov is well known both in Bulgaria and abroad as a specialist in the field of data protection and information security. He is IAPP Certified Information Privacy Professional (CIPP/E), Certified Information Privacy Manager (CIPM) and one of the founders of the Bulgarian branch of the prestigious international organization. He co-authored the book Privacy by Design: Principles, Practices and Technologies as a board member of the IDEA Foundation.

We have extensive experience in managing numerous data protection compliance projects and our team members are appointed as Data Protection Officers of large companies such as Siteground Hosting. Furthermore, we work with companies like OneTrustand LogSentinelthat offer efficient data protection management software and information security systems.

We also provide various services in both direct and indirect e-commerce. We’ve given consultations on issues related to the signing and execution of distance contracts and the provision of information society services in the digital environment. We produce legal documents such as Terms and Conditions, Privacy Statements and Notices, Data Processing Agreements, Data Protection and Information Security Policies, Procedures, Rules, etc..

We have represented our clients on numerous occasions before the national Consumer Protection Commission and before court. We have a high success rate in penal decrees litigation. We have also been involved in class action lawsuits over unfair contract terms brought against our clients.

Our clients are from all IT sectors – software development and design, software and hardware support, digital marketing, database building and maintenance, outsourcing, etc. We are prepared understand their needs, protect their specific interests and identify potential risks.

Our team members constantly build upon their skills and knowledge on the latest technological developments such as artificial intelligence, blockchain, the Internet of Things (IoT), and Industry 4.0. Our aim is to reflect upon the legal side of innovation and meet our clients’ expectations with timely advice on their opportunities for legal protection.


  • Consultations on issues related to personal data protection and information security such as: privacy by design, consent and direct marketing, response to data security breaches, relations between administrators and processors, etc.;
  • Data Protection Officer and services related to Privacy Management Systems
  • Risk assessments and Data protection impact assessments;
  • Audits and projects for legal and organizational compliance with data protection and information security regulations;
  • Preparation of different types of contracts for the IT industry – SLA and MLA, software or website development, distribution contracts, proof of concept, marketing contracts, investment schemes, etc.
  • Preparation of contracts and documents related to data protection, information security and other information relations;
  • Collecting evidence related to information security incidents and data breaches;
  • E-commerce and online shops – harmonization of websites and mobile applications with legal requirements;
  • Consultations on issues related to ethical data processing, including big data algorithms;
  • Some of our services in the IT sector are also related to a separate area of competence intellectual property rights.


Liability and appropriate measures under the GDPR, the administrative sanction of the CPPD, and compensation cases for affected citizens On 15.07.2019. , the nation was faced with the extremely unpleasant reality of the NRA Data Leak that had occurred. Although the initial dimensions of the event were not completely clear, the inspection conducted by the…

Next step on the way to the United Digital Market The question of the usage and sharing of data has been on the agenda in the European Union for a long time. When GDPR came into force an act with direct effect in the European Union was introduced, which unifies the personal data protection regime. …

© 2022