Internal notification channel

Information on the procedure and manner of reporting breaches under the Act on Protection of Persons, Reporting Information, or Publicly Disclosing Information about Breaches (Whistleblowers Protection Act) adopted in implementation of Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019

What is Whistleblowers Protection Act?

This Act regulates the conditions, procedure, and measures for protection of persons in the public and private sectors, who report information, or publicly disclose information about Bulgarian legislation, or acts of the European Union, (whistleblowers), that endanger or damage the public interest and the European Union law, as well as the terms and conditions for submitting and considering such information or publicly disclosed information.

  • According to Art. 12 of this Act we are an obliged subjects and should provide an internal channel as an opportunity to receive and consider reports on breaches.
  • Persons who report breaches are provided with protection under the law and are against them retaliatory actions that may have negative consequences on their rights and freedoms are prohibited.

Who can report a breach?

The right to report under the law have only natural persons who, in relation to “TINQIN” AD (TINQIN), have one of the following capacities:

  1. a worker, employee or other person who performs hired work in “TINQIN” AD.
  2. a person who performs work without an employment relationship and/or exercises a liberal profession. 
  3. volunteer or intern at “TINQIN” AD.
  4. shareholder, member of the management of TINQIN AD.
  5. a person who works for subcontractors or suppliers of “TINQIN” AD.
  6. a candidate for a job who has participated in a competition or other form of selection for employment and has received in that capacity Information about an infringement.
  7. worker or employee, when the information has been obtained within the framework of an employment relationship with TINQIN AD, which has been terminated at the time of filing the signal or the public disclosure.
  8. Any other person who submits information about an infringement that they have obtained in a “working context“.

What type of breaches are to be reported?

In order to be considered under the terms and conditions of the Whistleblowers Protection Act, the reports must contain information about actions or omissions that are:

a) unlawful (violations) and are related to the Bulgarian legislation or the acts of the European Union in the areas referred to in art. 3, or

(b) conflict with the object or purpose of the rules in the acts of the European Union and the areas referred to in Article 3 and which have been committed or are very likely to be committed in TINQIN, as well as for attempts to conceal violations.

Any other reports outside the above-mentioned conditions and those that do not constitute of any breaches of the legislation will not be considered under the terms and conditions of this Act.

How can I report a breach?

If you fall into any of the above-mentioned classification in “work context” and at the same time have good reason to believe that you have reliable information about a breach of Bulgarian or European law, you can obtain protection by reporting under the terms and conditions of this law by:

(Reports that contain patently false or misleading statements of fact will be returned with instructions to the sender to correct the statements and about the sender`s responsibility for persuasion.)

  • Internal channel
  • External channel
  • Publicly disclosing information

Internal channel

In view of the possibility of quickly preventing a breach or removing the consequences of such a breach, the information should be submitted as a priority through an internal reporting channel.

You may submit a report in writing, including in electronic form or verbally, to the designated person responsible for handling information reports in TINQIN pursuant to Art. 14.

This person is Whistleblower protection officer (WPO), and this role has been assigned to the Data Protection Officer (DPO) of TINQIN – Vasil Vasilev. You can contact him:

In writing- by e-mail or

Verbally – by phone + 359 2 8056899

The registration of an information shall be carried out by filling in an approved form by the competent authority under this Act – the Commission for Personal Data Protection (CPDP). Verbal reports are filled in by the WPO/DPO at the time of their disclosure. You can arrange a meeting, in person or via video call, with the Whistleblower protection officer/Data Protection Officer during business hours for reporting purposes.

TINQIN has adopted an internal policy on management and consideration of information on breaches, which ensures compliance with our legal obligations. According to the established internal order, the confidentiality, integrity, and confidentiality of handling reports is guaranteed, as well as the protection of the whistleblower’s identity.

Any processing of personal data, carried out pursuant to this Act, including the exchange or transmission of personal data by the competent authorities, shall be carried out in accordance with Regulation (EU) 2016/679 and Directive (EU) 2016/680, and when the transmission involves institutions, bodies, services or agencies of the European Union – in accordance with Regulation (EU) 2018/1725, as well as with the Personal Data Protection Act.

No personal data shall be collected, that is clearly not relevant for considering the specific report, and if it is accidentally collected, shall be deleted.

More information on how personal data is processed can be obtained from the DPO both by contacting the mail specified for the purposes of this Act and at for any questions related to personal data.

External channel

If there is a reasonable presumption that the reporting person is at risk of retaliatory discriminatory actions and that effective measures will not be taken to verify the report, the report may be made through an external submission channel. This is done by submitting a signal to the central authority for external reporting – CPDP, according to Section II “External Reporting”. Further information and explanatory material on the law can be found here.

Publicly disclosing information

In view of the high public interest in preventing breaches of Bulgarian legislation and acts of the European Union, public disclosure of information about such breaches is also possible. The persons publicly disclosing such information, in addition to the protection under this Act, shall also enjoy the protection of free dissemination of information, established in the Constitution.