This Act regulates the conditions, procedure, and measures for protection of persons in the public and private sectors, who report information, or publicly disclose information about Bulgarian legislation, or acts of the European Union, (whistleblowers), that endanger or damage the public interest and the European Union law, as well as the terms and conditions for submitting and considering such information or publicly disclosed information.
Who can report a breach?
The right to report under the law have only natural persons who, in relation to “TINQIN” AD (TINQIN), have one of the following capacities:
What type of breaches are to be reported?
In order to be considered under the terms and conditions of the Whistleblowers Protection Act, the reports must contain information about actions or omissions that are:
a) unlawful (violations) and are related to the Bulgarian legislation or the acts of the European Union in the areas referred to in art. 3, or
(b) conflict with the object or purpose of the rules in the acts of the European Union and the areas referred to in Article 3 and which have been committed or are very likely to be committed in TINQIN, as well as for attempts to conceal violations.
Any other reports outside the above-mentioned conditions and those that do not constitute of any breaches of the legislation will not be considered under the terms and conditions of this Act.
How can I report a breach?
If you fall into any of the above-mentioned classification in “work context” and at the same time have good reason to believe that you have reliable information about a breach of Bulgarian or European law, you can obtain protection by reporting under the terms and conditions of this law by:
(Reports that contain patently false or misleading statements of fact will be returned with instructions to the sender to correct the statements and about the sender`s responsibility for persuasion.)
In view of the possibility of quickly preventing a breach or removing the consequences of such a breach, the information should be submitted as a priority through an internal reporting channel.
You may submit a report in writing, including in electronic form or verbally, to the designated person responsible for handling information reports in TINQIN pursuant to Art. 14.
This person is Whistleblower protection officer (WPO), and this role has been assigned to the Data Protection Officer (DPO) of TINQIN – Vasil Vasilev. You can contact him:
In writing- by e-mail email@example.com or
Verbally – by phone + 359 2 8056899
The registration of an information shall be carried out by filling in an approved form by the competent authority under this Act – the Commission for Personal Data Protection (CPDP). Verbal reports are filled in by the WPO/DPO at the time of their disclosure. You can arrange a meeting, in person or via video call, with the Whistleblower protection officer/Data Protection Officer during business hours for reporting purposes.
TINQIN has adopted an internal policy on management and consideration of information on breaches, which ensures compliance with our legal obligations. According to the established internal order, the confidentiality, integrity, and confidentiality of handling reports is guaranteed, as well as the protection of the whistleblower’s identity.
Any processing of personal data, carried out pursuant to this Act, including the exchange or transmission of personal data by the competent authorities, shall be carried out in accordance with Regulation (EU) 2016/679 and Directive (EU) 2016/680, and when the transmission involves institutions, bodies, services or agencies of the European Union – in accordance with Regulation (EU) 2018/1725, as well as with the Personal Data Protection Act.
No personal data shall be collected, that is clearly not relevant for considering the specific report, and if it is accidentally collected, shall be deleted.
More information on how personal data is processed can be obtained from the DPO both by contacting the mail specified for the purposes of this Act and at firstname.lastname@example.org for any questions related to personal data.
If there is a reasonable presumption that the reporting person is at risk of retaliatory discriminatory actions and that effective measures will not be taken to verify the report, the report may be made through an external submission channel. This is done by submitting a signal to the central authority for external reporting – CPDP, according to Section II “External Reporting”. Further information and explanatory material on the law can be found here.
Publicly disclosing information
In view of the high public interest in preventing breaches of Bulgarian legislation and acts of the European Union, public disclosure of information about such breaches is also possible. The persons publicly disclosing such information, in addition to the protection under this Act, shall also enjoy the protection of free dissemination of information, established in the Constitution.