Diana Hadzhieva has experience in privacy, data protection, GDPR compliance, cybersecurity legislation (NIS 1, NIS 2), reviewing, adapting, and preparing privacy policies, general terms and conditions, legal assistance on data security breaches and data breach notifications, legal privacy by design, and business model setup advice. She also provides incident response and risk management advice to domestic and international businesses.
Diana Hadzhieva holds an ISO 27001 Lead Auditor Certificate. She has auditing experience, as well as data mapping and gap analysis, data protection impact assessments, and cybersecurity compliance.
Fluent in English language and Italian language.
Academic Qualifications
Master of Law, Sofia University “St. Kliment Ohridski”, Faculty of Law, 2013
Master of International business, UNWE, Sofia, 2018
Master of Cybersecurity, Plovdiv University “Paisii Hilendarski”, 2022
Professional Experience
Legal Counsel – Privacy, Data protection and IT Law, Penkova & Partners Law Firm, 2023 –
Information Security and Cybersecurity Auditor, Mnemonica AD, 2022 –
Honorary assistant Cybersecurity Law, Faculty of Economics and Social Science in Plovdiv University “Paisii Hilendarski”, 2021 –
Data Protection Officer (DPO) and Cybersecurity Consultant, IQ Security Ltd, 2019 –
Legal Adviser, Porchani, Milan, Italy, 2016 – 2017