ePrivacy Directive Compliance in Bulgaria
The ePrivacy Directive governs electronic communications privacy, covering cookies, email marketing, and confidentiality of communications. Its replacement (ePrivacy Regulation) is pending but the Directive remains law.
How does ePrivacy apply in Bulgaria?
ePrivacy applies in Bulgaria under EU law with the same obligations as across the bloc — maximum fine Per member state (typically up to €20M). The national supervisory authority is the CPDP (Commission for Personal Data Protection), which handles enforcement, complaints, and notifications. Deadline: In force — update expected 2025-2026.
- Supervisory authority: CPDP (Commission for Personal Data Protection)
- Maximum fine: Per member state (typically up to €20M)
- Key deadline: In force — update expected 2025-2026
| Supervisory authority | CPDP (Commission for Personal Data Protection) |
| Maximum fine | Per member state (typically up to €20M) |
| Key deadline | In force — update expected 2025-2026 |
| Sectors affected | Telecommunications, Digital Services |
In force — update expected 2025-2026
Per member state (typically up to €20M)
Telecommunications, Digital Services, E-commerce
Key ePrivacy Obligations for Bulgaria Businesses
- Obtain consent for cookies and tracking
- Honour opt-out for direct marketing
- Protect confidentiality of communications
- Notify breaches to authorities
- Implement privacy by default
Does ePrivacy apply to your Bulgaria business?
Find out in 2 minutes with our free regulation checker.
Check now — freeePrivacy in Other Countries
For informational purposes only. This is not legal advice — consult qualified legal counsel.