What to do when your content is stolen (in Bulgaria, the EU and beyond)

A step-by-step process, institutions and templates that work even better when you have a StampR certificate.

What do you want to achieve

Choose your primary goal. You will see a recommended path – which steps to take first and which institutions or platforms to approach.

Select a goal above to see the steps.

Path: fast content takedown

  1. Make sure you have a StampR certificate and a clear chronology of the evidence: original file, certificate, links to the infringement, screenshots.
  2. Use a Cease-&-Desist / warning letter template (see the “Document templates” section below) where you describe who you are, what the original content is, links to the infringement and the certificate serial number.
  3. File an official report with the platform (YouTube, Instagram, TikTok, Shopify, hosting provider) with a short description of the infringement, links, screenshots and the attached StampR certificate or PDF validation report.
  4. If you are in an EU country and the infringement is serious or ongoing, consult a lawyer about a court injunction to stop the content. In Bulgaria this typically goes through a civil lawsuit.

Practical tip: platforms often react faster when you provide a clear technical fingerprint (hash + time stamp) and a calm, well-structured letter instead of emotional chat messages.

Path: compensation (money)

  1. Organise your evidence: StampR certificate, original file, publication timeline (when you published and when the copy appeared), contracts or offers if any.
  2. In Bulgaria: check whether the case allows an order for payment procedure (Art. 411 CPC) – a fast-track for monetary claims. It is often combined with a civil lawsuit for broader protection.
  3. In another EU country: find a local lawyer for a civil claim / injunction under local civil procedure law. The StampR certificate and qualified time stamp are recognised as evidence in all member states.
  4. Outside the EU: use the certificate as technical evidence combined with local mechanisms (DMCA-like procedures, civil lawsuit, mediation). Involving a local lawyer/IP office is a good idea.

Practical tip: the first letter is often a mix of takedown request plus an offer for an amicable settlement (licence/compensation). StampR shows you were first and that you can escalate to court if needed.

Path: criminal prosecution

  1. Make sure the case is serious enough: large-scale online piracy, systematic distribution, commercial profit from someone else’s content.
  2. In Bulgaria: prepare a report to GDBOP – Cybercrime Department and the prosecution service with detailed description, links, screenshots and the attached StampR certificate + TST/TSR file.
  3. In other EU countries: report to the cybercrime unit and the police, attaching the certificate and clearly explaining what was stolen, since when and how it is monetised.
  4. Outside the EU: check local mechanisms for computer crime and online piracy. Technical evidence (hash + time stamp) is usually combined with expert reports or witness testimony.

Practical tip: the criminal route is slower and heavier, but it has a strong deterrent effect against systematic infringers. A well-structured report supported by StampR evidence helps investigators act more efficiently.

General recommendation if you are not sure

  1. Check whether your main goal is takedown (platforms and Cease-&-Desist), money (order for payment / civil claim), or criminal effect (cybercrime, police).
  2. Select a country/region from the selector below (Bulgaria, other EU country, outside the EU) to see which types of institutions to contact.
  3. For complex international cases (different states for author, infringer and platform), consult a lawyer with experience in copyright and online content. The StampR certificate makes the conversation much more concrete.

Practical tip: you do not need to decide everything on day one. The key is to lock in the time, facts and evidence. After that you can calmly decide whether you care more about takedown, compensation, criminal effect – or a combination.

Who can help

District Court – Order for payment procedure (Art. 411 CPC)

File an application with the original + `.tsr` and the claimed amount (licence fee, penalty). If no objection is lodged within 14 days you receive a writ of execution and can seize bank accounts.

Regional Court – Civil lawsuit (under the CPC)

Seek broader protection: request injunctive relief, damages, and publication of the judgment. Attach the `.tsr` timestamp, validation report, and evidence of the infringement.

GDBOP – Cybercrime Department

For large-scale online infringement (pirate site, torrent). They remove the content, seize servers, and open pre-trial proceedings under Art. 172a of the Criminal Code.

1 Aleksandar Malinov Blvd., 1715 Sofia

Bulgarian Patent Office

Use when a registered trademark or design is stolen. Inspectors issue violation acts, impose fines up to 30,000 EUR, and seize counterfeits.

52B Dr. G. M. Dimitrov Blvd., 1040 Sofia

What evidence to attach

Use the checklist below as a “mini audit” of the evidence you will attach to letters, complaints, or claims. The more boxes are ticked, the stronger and more reproducible your case file becomes.

Marked items: 0 / 7

In EU Member States, the qualified eIDAS time stamp enjoys a presumption of accuracy for date and integrity of the data and can be presented directly to courts and authorities. Outside the EU, the StampR certificate remains strong technical evidence (hash + timestamp + TSA signature) that is combined with local law, DMCA-style procedures and expert opinions.

You can additionally validate the time stamp on the BORICA site: https://www.b-trust.bg/en/services/time-stamp-issue

Updated document templates (validated for StampR)

Letter text generator

Fill in the key case data and get a ready-to-use text you can copy to an email, DOCX or PDF. This is not legal advice; consult a lawyer for complex or cross-border cases.

The generated text is an example. Add the country, court/authority details and adapt the legal basis to the applicable law.

International validity of StampR

StampR is built on a qualified electronic time stamp (QeTS) under eIDAS and ETSI EN 319 421/422 profiles. In practice, an independent timestamp issued by a qualified trust service provider (QTSP) is applied to the SHA-256 hash of your file and the result remains cryptographically verifiable over time.

  • In the EU – QeTS carries a presumption of accuracy for date/time and integrity of the data. The certificate and TST/TSR file can be presented as evidence before courts, cybercrime units, IP offices and platforms.
  • In Latin America and other regions – the certificate is a technical artefact (hash + timestamp + TSA signature) that can be used in expert reports, contract disputes and local procedures (DMCA-type actions, administrative reviews).
  • EU–LAC vision – StampR’s model is adaptable: it can be combined with local trust providers and registries to build cross-border workflows (e.g. EU author + LAC platform + local prosecutor/regulator).

In every scenario, the key is that any expert can independently verify the TST file and serial number without relying on the StampR platform. This makes the evidence resilient over time.

If you are in the EU

  • Combine the certificate with a civil claim, order for payment or criminal report.
  • Use notice & takedown mechanisms on platforms, attaching the PDF certificate and TST/TSR.
  • You can rely on the eIDAS presumption of accuracy for date and integrity.

If you are in LAC / other regions

  • Use the certificate as part of technical expert evidence.
  • Combine it with local trust providers and notaries where available.
  • Apply it to contract disputes, DMCA-like procedures and regulator complaints.

Anywhere in the world

  • You can show clearly when the content was created and when it was copied.
  • Provide lawyers and experts with verifiable artefacts – not only “screenshots”.
  • Strengthen your negotiation and procedural positioning when your content is stolen.

Examples of how StampR is used when content is stolen

Photographer in Germany → website in Spain

A German photographer certifies a photo series with StampR before publishing. Later he discovers a Spanish website using the same images without permission. He sends a Cease & Desist letter and a DMCA-style notice to the hosting provider, attaching the certificate and TST/TSR. If needed, he can pursue a civil lawsuit in the EU invoking the QeTS under eIDAS.

Dev/AI in Portugal → competing product

A developer of a machine learning model in Portugal certifies code, configurations and documentation via StampR. Parts of the model surface in a competitor’s product. He combines StampR certificates with Git history, internal tickets and correspondence to prepare prior-art evidence that can be used in court or negotiations.

Music producer in Mexico → ad using their track

A music producer in Mexico certifies her track through StampR. She later finds the song used in a TV commercial without a licence. She leverages the certificate as technical evidence (hash + timestamp) and works with a local lawyer and IP office procedure. If necessary, she can also lean on EU–LAC initiatives for mutual recognition of trust services.

Frequently Asked Questions

Timestamping attaches a qualified electronic time stamp (QeTS) to the “digital fingerprint” (SHA-256 hash) of your file. This locks in the exact date and time when the content existed and guarantees it has not been altered afterwards. In StampR the process is automatic: the system calculates the hash server-side, sends a request to a trusted eIDAS-qualified provider (BORICA B-Trust), receives a Time-Stamp Token (TST), and issues a certificate with a unique serial number plus public verification instructions (QR/URL).

When a dispute arises (copying, theft, conflict over who was first), simply keeping the work to yourself is not enough. You need to be able to show that it existed on a specific date and that you declared authorship for it. Disclosure in StampR is exactly that: you make a declaration of authorship, it is fixed in time, and it is certified so it can later be easily verified that your claim was made at a specific moment. You can choose between public and confidential disclosure. With public disclosure, third parties can verify the certificate and see that valid certification exists and when it was made, which has a preventive effect and is convenient when presenting to partners, clients, or an audience. With confidential disclosure, you keep the same evidence and verification capability, but without making information publicly available beyond your selected settings, and the work content does not become visible. It is important to know that copyright arises automatically upon creation of the work. The certificate does not create rights; it supports proving authorship and the moment of declaration when that matters.

Almost any digital file: text documents (DOCX, PDF), images (PNG, JPG), audio/video (WAV, MP3, MP4), software code and archives (ZIP, TAR.GZ), designs, drawings, research data, and more. Even physical materials can be digitised (scan/photo) and then certified. StampR users cover a wide range: literary, musical, scientific and IT works, graphic and industrial design, photography, technical drawings. Note: The service does not replace patent or trademark registration. The certificate acts as supporting evidence (time + immutability) and is typically combined with other facts, documents, or testimonies in a dispute.

SHA-256 is a cryptographic algorithm that produces a unique “fingerprint” of a file. Even the smallest change to the original yields a completely different hash. This lets you prove that the certified content matches the original without sharing the file itself. StampR follows a privacy-by-design approach: only the hash and declaration metadata are stored, never the content.

Yes. A qualified electronic time stamp (QeTS) is defined by Regulation (EU) No 910/2014 (eIDAS) and recognised across all member states. It carries a presumption of accuracy for the recorded date/time and for the integrity of the linked data. In practice you can present the certificate as evidence before courts, institutions, or third parties in the EU. Remember that the certificate proves the declaration and immutability; it is usually combined with other evidence (contracts, correspondence, repositories) for full protection.

By default StampR does not store the original files, only the SHA-256 hash, timestamp, and the minimal metadata required for verification. Your confidentiality is protected. If you choose, you can switch to a more public mode — for example, share the original file or display more details on the certificate — but only through an explicit opt-in. The certificate lists the serial number, hash algorithm and value, time marker, QeTS provider, and the verification channel (QR/URL).

Visit the “Verify an object” section on the platform to:

  • enter a certificate serial number;
  • enter the SHA-256 hash directly;
  • upload the original file — the system will calculate the hash and compare it with the certified one.

You will receive confirmation of the stamp’s validity (time/provider), the hash match, and the visible certificate elements. If needed, you can also validate the Time-Stamp Token (TST) independently with external tools because it follows the RFC 3161 / ETSI EN 319 421/422 standards.