Accessibility
On this website, it is possible to change the contrast of the content to make reading easier.
To enlarge the content, we recommend using the built-in functionality of the web browser: hold down the Ctrl key (Cmd key in OS X) and press the + or – key at the same time.
Another convenient option is to use the mouse: hold down the Ctrl key while moving the mouse scroll wheel. You can return to normal size by pressing the Ctrl and 0 keys at the same time.
All major operating systems include settings to increase the content displayed on the screen.
In Windows 7, you can find a program called Magnifier if you click on the “Start” menu button at the bottom left, type Magnifier (the first few letters are enough) and press Enter. A small window will open in which everything is magnified. By default, the program tracks the position of the mouse cursor. In Windows XP, you can find Magnifier by going to Start > All Programs > Accessories > Accessibility > Magnifier.
On Apple computers, to use zoom, navigate to: Apple menu > System Preferences > Accessibility (or Universal Access) > Zoom.
Data Protection Day
Implementation of the Legal Framework on Data Protection: Challenges, Benefits, Resilience
28 January 2026 | Radisson Blu Leogrand Hotel, Chișinău, Moldova
This conference is organised by the National Centre for Personal Data Protection of the Republic of Moldova, with the support of e-Governance Academy (eGA), and funded by the European Union, and European Union Partnership Mission in the Republic of Moldova (EUPM Moldova).
Agenda
- 8:30-9:00 Registration of participants and networking
Moderator of the day: Miruna MIHAILOVICI, Journalist; Communication & Press Relations, National University of Science and Technology Politehnica, Bucharest
- 9:00-9:45 Opening and welcome speeches
• Victoria MUNTEAN, Director, National Centre for Personal Data Protection (NCPDP)
• Lilian CARP, Chair, Parliamentary Committee on National Security and Public Order
• Dorian ISTRATIII, Vice-Chairman of the Committee on Economy, Budget and Finance
• Eduard SERBENCO, Secretary of State, Ministry of Justice, Republic of Moldova
• Mihai LUPAȘCU, Director, Agency for Cybersecurity of Moldova
• Vedran IAN-KJELDSEN, Deputy Head, Council of Europe Office in Chisinau
• Stephan DAHLGREN, Sector Manager Public Administration Reform, EU Delegation to Moldova
• Kirsten JOPPE, Deputy Head of Mission and Chief of Staff of the EU Partnership Mission in the Republic of Moldova
• Elsa NEEME, Project Team Lead, e-Governance Academy
- 9:45-10:15 Keynote adresses
“Data Protection in an Era of Digital Transformation: Building Resilient Frameworks for Emerging Democracies“
As digital technologies reshape governance and daily life, data protection has become a cornerstone of democratic resilience and public trust. This keynote explores how emerging democracies, particularly EU candidate countries, can develop robust and sustainable data protection frameworks that enable digital innovation while safeguarding fundamental rights. Drawing on the Council of Europe’s Convention 108+ and the enforcement experience of the European Data Protection Board, the speakers will highlight key elements of effective data protection systems, including independent supervisory authorities, proportionate enforcement, and privacy-by-design in digital public services. The session will offer strategic insights for Moldova as it prepares for the entry into force of Law 195 and progresses toward EU adequacy recognition.
Speakers:• Angela COLOMIICENCO, Deputy Director of Representative of the NCPDP” The new
legal provision in the field of personal data protection in the Republic of Moldova”
• Anu TALUS, Chair, European Data Protection Board (EDPB). Video message
- 10:15-11:15 Panel 1: Operationalising compliance
“Records of processing activities- requirements, responsibilities and the best practices”
This panel brings together representatives of Moldova’s leading business associations with regulatory experts to address the practical dimensions of data processing. The session will explore how organizations can move from static compliance documents to dynamic, integrated data governance systems. Speakers will examine sector-specific challenges in data processing, automation tools, and the critical intersection between data protection processes and cybersecurity risk management.
Moderator: Jekaterina MACUKA, Director, Data State Inspectorate, Latvia
Speakers:• Raul DĂNCUȚA, Data Protection Officer, Babeș-Bolyai University, Cluj-Napoca, Romania
• Marina BZOVII, Director, Association of ICT Companies (ATIC)
• Carolina BUGAIAN, President of European Business Association (EBA), Women Entrepreneurs of Moldova (AFAM), CEO Moldcell
• Vitalie TARLEV, Digitalisation Adviser, Economic Council to the Prime Minister
- 11:15-11:45 Coffee break and networking
- 11:45-13:00 Panel 2: Engineering trust
“Privacy & Security by Design: From Principles to Practice”
In an era of accelerating digital transformation and AI adoption, data protection can no longer be an afterthought. Privacy by Design and Security by Design represent a fundamental shift in approach—embedding data protection principles into the architecture of systems, processes, and products from the earliest stages of development. This proactive methodology not only ensures regulatory compliance but delivers tangible business value by reducing breach risks, building customer trust, and enabling sustainable innovation.
This panel moves beyond theoretical frameworks to examine how organizations are implementing these principles in practice. From enterprise-level AI integration to national digital infrastructure, speakers will share concrete strategies for translating GDPR and Law 195 requirements into operational reality. The session explores how to balance regulatory obligations with business agility, demonstrating that privacy and security are enablers—not obstacles—to digital transformation. Particular attention will be given to architectural and organisational controls that support compliance while proactively reducing the risk of personal data breaches.
Moderator: Ingrid BICU, Expert, European Union Partnership Mission in the Republic of Moldova (EUPM)
Speakers:• Ivana Arapu, Head of Corporate Security, Orange Moldova
• Natalia MIHALACHE, Legal Director, Moldcell S.A.
• Claudiu IONESCU, Senior Manager, Adobe EMEA Cyber Defense Center
• Sebastian-Dan NASTE, Advisor to the Director of the Romanian National Cyber Security Dire
- 13:00-14:00 Lunch and networking
- 14:00-15:20 Panel 3: Data subject’s rights, prevention and assessment mechanisms:
“Ensuring Rights, Managing Risks, Building Trust”
Law 195 places individuals at the centre of Moldova’s data protection framework by granting enforceable rights and requiring organisations to implement preventive and assessment mechanisms. However, turning legal rights into everyday practice remains a challenge for both citizens and data controllers.
This panel explores how rights implementation, risk prevention, and impact assessment
work together in practice. Speakers will discuss effective handling of access, rectification,
and erasure requests, risk-based approaches to Data Protection Impact Assessments
(DPIAs), and preventive controls for lawful and transparent processing. The discussion will
also address high-risk sectors, including areas where data protection intersects with Anti-
Money Laundering obligations, offering practical guidance for organisations ranging from
SMEs to large financial institutions.
Speakers:• Gunnar Gabriel EINLO, Data Protection Inspectorate, Republic of Estonia. “How Supervisory Authorities can reduce breaches beyond enforcement – insights from Estonia”
• Tomas BIKMANAS, Key Expert for EU Acquis and Institutional Development, Lithuania
• Simona Popescu ZANFIR, Legal adviser in the Legal and Communication Directorate of Romania’s National Supervisory Authority for Personal Data Processing – “Romania’s Data Protection Authority and Regulation (EU) 2016/679 (GDPR) — Current Developments and Perspectives.”
• Dorian DORONCEANU, Chief Legal Officer at Simpals. “Group Company Compliance: Managing Data Protection Across Corporate Structures”
- 15:20-15-15:40 Coffee break
- 15:40-16:30 Panel 4: Control procedures and sanctions
“Building Effective Data Protection Control Mechanisms and Accountability”
Credible enforcement is the cornerstone of any effective data protection regime. As Moldova and Ukraine advance toward European Union membership, demonstrating robust supervisory capacity and proportionate sanctioning mechanisms is not merely a legal obligation – it is a fundamental requirement for EU accession under Chapter 23 (Judiciary and Fundamental Rights) and a precondition for eventual participation in EU cross-border enforcement cooperation.
The session opens with practices and findings from Ukraine on liability frameworks, establishing a comparative foundation for examining how candidate countries can build enforcement regimes that are effective, transparent, and aligned with European standards.
Also, the session provides practical insights on developing proportionate fine calculation methodologies and ensuring genuine supervisory independence.
Speakers:• Sebastian-Dan NASTE,Expert in legal policies and cybersecurity standardisation / Data Protection Officer (DPO), Romanian Cyber Security Directorate (DNSC)
• Lucian CHETE Certified Data Protection Officer | Cybersecurity Auditor, QSCert, Romania. “Incident Response as Accountability: How Cybersecurity Controls Shape GDPR Enforcement Outcomes”
• Jekaterina MACUKA, Director, Data State Inspectorate, Latvia. “Transparency in Enforcement: Publishing Decisions and Ensuring DPA Independence”
- 16:40-16:50 Closing remarks by Victoria MUNTEAN, Director, National Center for Personal Data Protection
Data Protection Day 2025
