Privacy & Data Protection

Toshev & Boteva’s International Privacy & Data Protection Group advises organizations around the world. Our leading data protection specialists have long standing practical expertise including working at Data Protection authorities.

Toshev & Boteva can help you deliver global strategies and objectives while steering you through a myriad of local differences which continue to complicate the data protection scene worldwide. Our legal advice is accurate, clear, pragmatic and business focused.

Toshev & Boteva takes a hands-on approach, advising not just on the letter of the law, but also making practical suggestions for clients to consider. We have provided privacy advice to a large number of clients for many years. Because of this, we are able to draw on our practical experience of the ways in which organizations are approaching data protection compliance to add value to our clients’ businesses.

The approach of data protection authorities to compliance is key to understanding the procedures and risks of non-compliance.  Toshev & Boteva’s lawyers have worked in-house with local regulators and we maintain close links with them. We regularly work with regulators where helpful to our clients.

Toshev & Boteva has unrivalled expertise in data breach and security incidents. We have acted on many front-page data breaches, assisting with immediate follow-up, breach notification requirements and late regulatory investigations. We have also assisted clients on a pre-emptive basis, developing global data breach policies and procedures.

We have an in-depth knowledge in:
         (i)  general data breach notification requirements
         (ii)  sectorial obligations (e.g. obligation on providers of public electronic communications services)
         (iii) duties provided by industry standards and
         (iv) general local security obligation

As soon as an organization has reason to believe that an incident might have occurred, Toshev & Boteva can immediately help with:

  • Sorting out the legal implications of the incident: Whether there are breach notification requirements, liability considerations, PCI obligations, criminal investigation, our experts are here to help.
  • Offering legal privilege over all incident related communication with the company: Involving Toshev & Boteva is the best way to offer legal privilege over all the communications relating to the incident regardless of the countries in scope.
  • Providing a secure archiving and sharing platform: We provide a centralized depository and/or secure client online platform where all communications and documents relating to the incident can be accessed and shared. This is especially useful if multiple people and different third party providers are involved in resolving the issue.
  • Our incident response team includes lawyers that are experts in a wide spectrum of issues facing a company at such a critical time. This goes from data protection law considerations to law enforcement expertise. We have dedicated lawyers in each jurisdiction. Do reach out if you have questions or would like to know how we can help.  

For more information on the General Data Protection Regulation please visit our GDPR In Focus page. General Data Protection Regulation >


Have an idea? Brainstorm with us.

Dedicated to success!