Tocheva & Mandazhieva Law Office

Established in 2004 as a boutique law firm initially focused on advising and representing clients in the financial industry and real estate & construction sector, the T&M Law Office has expanded to offer advice to Bulgarian and foreign corporate clients on all range of Bulgarian legal issues. The T&M Law Office is not among the largest Bulgarian law firms, however, it has been widely recognised and respected for its quality, integrity and business friendly, flexible solutions.

The firm’s list of clients includes major foreign investors such as Tishman in its real estate development and construction projects in Bulgaria, RWE Power AG in the country’s largest energy project for the Belene nuclear power plant, Artio Global Investment Fund, Tradeville SA, etc. At the same time, the firm continues to be a benchmark in offering legal advice in the capital markets/financial services field and to represent a large part of the financial industry players. T&M has been the pioneer in providing the legal framework for many new products on the Bulgarian financial market and advises firms wanting to enter the market for the first time as well as established players.

Our Team

tanaya tocheva

Tanya Tocheva
Partner

encho dinev

Encho Dinev
Partner

Даяна Славева

Dayana Slaveva
Associate

Georgi Traikov

Georgi Traikov
Associate


Nevena Yaneva
Associate


Valeria Nikolova
Associate

Polina Slavova

Polina Slavova
Junior Associate


Stefan Sokolov
Junior Associate

Latest News and Publicatians

WHAT ARE THE QUESTIONS TO ASK BEFORE WE CLIMB IN THE CLOUDS – PART I

ZHULIETA MANDAZHIEVA, ATTORNEY AT LAW, OCTOBER 2019 Small/Medium Enterprise – SME CSP – Cloud Services Provider AUP – Acceptable Use Policy AI – Artificial Intelligence T&C – Terms and Conditions DSP – Digital Services Provider FMCG – Fast Moving Consumer Goods ISP – Internet Services Provider The accelerated digital transformation of various industries is a global trend. Recently blockchain and AI turned into ubiquitous buzzwords. The importance of these phenomena is beyond doubt; however, their effect on the economy appears to be more one of expectations for now. The EU Commission has long acknowledged its key role in building the Digital Single Market
Read More

Brexit Series 1: How to keep the lawful transfer of personal data from EU to UK in case of no-deal

A hot topic this month is how the UK is preparing for a no-deal Brexit on 31st October 2019 and what would the consequences be for the EU and UK citizens and organisations on both sides of the Channel. In the light of these developments Brexit will change a lot in the personal data field. The main issue is whether the free flow of personal data between the UK and all other EU/EEA countries will continue.   Issues arising in business relations Business partners from the UK and the EU/EEA will face the need to take steps allowing lawful
Read More

Make it GDPR-ful again – online service providers, be mindful!

The most discussed European regulation – GDPR,  has celebrated its first birthday recently. On this occasion the European Data Protection Board ("EDBP") has released in April this year a new set of guidelines on the topic of processing personal data in the context of online services ("Draft Guidelines").  Article 29 Working Party (the forerunner of EDBP), previously adopted guidelines on the other legal bases for lawful processing of personal data. It took almost one year to EDBP to provide such guidelines, which recently led to a ‘bad practice’ as a result of an overly broad
Read More

Bulgarian creditors of Thomas Cook – what’s next?

Last week, one of the largest tour operators and package tour operators in the world shut down – Thomas Cook. On September 23, 2019, the UK Supreme Court appointed an Official Receiver, a figure similar to the insolvency receiver in Bulgaria, who takes over the "management" of dozens of Thomas Cook Group companies and appoints consulting firms AlixPartners and KPMG to support the process. As one of the preferred destinations for package holidays among the English and German price segment Bulgaria is significantly affected by the news. The company had contracts with most of the Black
Read More
Ивана Близнакова

Outsourcing of functions by banks, investment firms, payment institutions and EMIs to service providers after 30 September 2019

In recent years, financial institutions have increasingly outsourced various business activities to reduce costs and offer more flexible services to their clients. The digitalization of processes and the entry into the market of new financial technology providers (FinTech) increasingly require the adaptation of financial institutions' business models, including the use / integration of outsourcers in the processes. As of 30 September 2019, banks, investment firms, payment institutions and electronic money institutions ("institutions") must comply with the European Banking Authority's outsourcing guidelines (EBA/GL/2019/02)(https://eba.europa.eu/documents/10180/2551996/EBA+revised+Guidelines+on+outsourcing+arrangements). The guidelines lay down rules for internal management, risk assessment and monitoring by the
Read More

Google Search is not required to forget us outside the EU

On 24 September 2019 the European Court of Justice ("EUCJ") closed the case Google LLC vs CNIL with a judgement according to which the "right to be forgotten" is applicable only within the European Union. The key issue here is how a search engine operator is required to enjoy subject's removal request i.e. how to be removed certain personal information about an individual from the results' list which is displayed after a search conducted on the individual's name basis.   Background Back to 2014 in its judgement on the case Google Spain and Google (C‑131/12, EU:C:2014:317) the EUCJ
Read More

#SCA Bulgaria # Online retailers

Changes in online payments related to the implementation of legal requirements for strong customer authentication (#SCA) of users of payments services entered into force on 14 September 2019 (SCA means an authentication procedure developed in a manner protecting the confidentiality of data and involving the use of two or more of the following independent elements: 1. knowledge – something only the user knows; 2. possession – something only the user possesses; 3. inherence – something the user is). The introduction of these changes aims to ensure that payment services offered electronically are performed securely using
Read More

Free flow of non-personal data is now in the spotlight. What will happen to GDPR?

As of 28th May enters into force the new EU Regulation (EU) 2018/1807 of the European Parliament and of the Council of 14 November 2018 on a framework for the free flow of non-personal data in the European Union.   The Regulation focuses primarily on prohibition of mandatory localisation requirements, established by the EU Member States' national laws. The new rules will allow data to be stored and processed everywhere in the EU without unjustified restrictions. This Regulation should apply to natural or legal persons who provide data processing services to users residing or having an establishment
Read More

"