Posted on: 25.05.2018


General information

As of May 25th, 2018 EU Regulation 2016/679 (General Data Protection Regulation - GDPR) of the European Parliament and the Council of April 27th, 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (Data Protection Directive) comes into force.

The regulation regularizes the rights and obligations related to the protection of personal data of natural persons from all EU member states.

Sofia Municipality in its capacity of Data Controller within the meaning of Article 4, paragraph 7 of EU Regulation 2016/679 carries out the activities of collecting, processing and storage of personal data in conformity with EU Regulation 2016/679 and the Personal Data Protection Act.


Information on the Data Controller

Name:                                                Sofia Municipality

Seat and registered address:            33 Moskovska Str., Sofia 1000

Postal address:                                  33 Moskovska Str., Sofia 1000

Phone:                                                0700 17 310, 02 9377 303

Web site:                                  


Coordinates for contact with the Data Protection Officer

Name:                                                Vassil Simeonov

Postal address:                                   33 Moskovska Str., Sofia 1000

Phone:                                                02 9377 400

Web site:                                  



Purposes of the processing utilizing the personal data

Sofia Municipality collects, processes and stores your personal data on the basis of statutory obligations and/or in the pursuance of tasks of public interest and in conformity with Article 6, paragraph 1 of EU Regulation 2016/679.


Filling a complaint

In case of an ascertained violation of your legal rights and interests, you have the right to file a complaint before the Commission for Personal Data Protection.


Name:                                                Commission for personal data protection

Seat and registered address:            2 Prof. Tsvetan Lazarov Blvd., Sofia 1592

Postal address:                                  2 Prof. Tsvetan Lazarov Blvd., Sofia 1592

Телефон:                                           02 9153 518

Web site:                                  

E-mail:                                      ,


Right of access

You have the right of access to your personal data by demanding and receiving information on its processing.

The granting of information on the processing of your personal data if free of charge while Sofia Municipality reserves the right to impose an administrative fee in case of repetition or excessiveness of the requests.


Correction, erasure (“to be forgotten”) and restrictions in data processing

You have the right to correct your personal data in case of an ascertained inaccuracy, as well as the right of objection to the processing of your personal data.

You have the right to request of Sofia Municipality to erase your personal data when one or more of the reasons listed below are available:

  • The personal data is no longer necessary for the purposes for which it was collected or processed in a different matter when there are no statutory obligations for its periodic storage;
  • In case of a withdrawal of the agreement in cases when there are no statutory obligations for its periodic storage;
  • If you object against the processing of the personal data related to you and if there are no legal grounds for its processing;
  • If the personal data must be erased in order to comply with legal obligations imposed by EU legislation or the legislation of a member-state that is applicable to the Sofia Municipality

Sofia Municipality has no grounds to erase personal data that is officially regulated and is supposed to be stored within the statutory periods.


You have the right to request Sofia Municipality to limit the processing of the personal data related to you when:

  • You dispute the personal data, for a period which allows the Sofia Municipality to verify the correctness of the personal data;
  • The processing is illegal, but you don’t want your personal data to be erased, only its usage to be limited;
  • Sofia Municipality does not need your personal data anymore for the purposes of processing, but you demand it for the ascertainment, exercise or protection of your legal claims;
  • You have objected against the processing while waiting for an inquiry whether the statutory grounds of Sofia Municipality have priority over your interests.


Legal basis of the processing

The administrative services we offer require the processing and storage of personal data, which is minimized. This data is needed in order to be processed and executed the respective service in accordance with the legislation of the Republic of Bulgaria and the European Union. Sofia Municipality collects the personal data for concrete, legitimate purposes and the personal data is not processed any further in a manner contradictory to these purposes.


Periods for storage of personal data

The vast variety of services Sofia Municipality is providing calls for a different storage period for personal data on paper/in digital form, the criteria for which is defined by the state legislation, while for the rest is applicable the “Sofia Municipality’s List of types of documents with storage periods”.

Sofia Municipality stores personal data on the basis of the applicable legislation in accordance with the statutory period.


Recipients and categories of recipients of personal data

The categories of recipients of personal data provided by Sofia Municipality outside the organization:

  • To public authorities (National Revenue Agency, National Social Security Institute, Ministry of Interior, judicial authorities, controlling authorities, authorities of the local self-government etc.)
  • To a Data Controller (a natural or legal person that processes the personal data on behalf of Sofia Municipality and following its instruction or assignation)


Principles of data collection, processing and storage

In the collection, processing and storage of personal data Sofia Municipality adheres to the following principles:

  • Conformity with the law, conscientiousness and transparency;
  • Relatable with the purposes of processing and keeping the collected data to a minimum;
  • Restriction of the purposes of processing;
  • Keeping the data accurate and up-to-date;
  • Limitation of the storage period for papers with personal data;
  • Integrity and privacy of the processing and maintaining a suitable level of security of the personal data



Sofia Municipality does not collect or process personal data, revealing race or ethnicity, political views, religious or philosophical beliefs, membership in trade unions, as well as the processing of genetic and biometric data, data on the sex life or the sexual orientation of natural persons.




Posted on: 02.04.2017

As users of the Official Web Portal of Sofia, you can browse its pages without filling out registration forms and entering personal data.
If you wish to use the specialized modules and services you need to enter the data required in order the procedure you are requesting to be performed. The information submitted shall not be reused for purposes that are incompatible with those specifically requested, except when you have been informed to register for multiple services available through the portal (unified user profile).

Sofia Municipality is a personal data controller (registered with ID number 52258). Personal data necessary for a specific service to users is collected, processed and stored within the legally prescribed time frame. Transmission of sensitive information (including personal data) via unprotected channels is not allowed during data processing.
The collection and processing of personal data for other purposes shall be carried out only with the explicit consent of the persons providing it and in compliance with the requirements of the Personal Data Protection Act.

The main objective of the portal is to provide effective service to its users with secured personal data protection. We maintain administrative, software and technical measures and resources to protect data against unauthorized access and disclosure, against accidental or unauthorized destruction and alteration, and against abuse (such measures are not be made public).
Sofia Municipality does not provide information on the users to third parties, except in cases explicitly regulated by a legal provision.

WARNING: To facilitate the service for the users, we publish links to sites that are not supported by Sofia Municipality. We emphasize that we have no control over them and we are not responsible for the information you provide to these sites.

Sofia Municipality changes the procedures and means of personal data protection in accordance with the amendments to the legal regulations and development of information security technologies. The current state of protection is published on this portal together with the date of the update.
We encourage our users to periodically review this statement to keep up with the level of personal data protection.