Elena Cioponea

Associate, CIPP/E

+40 21 201 1200

Practice areas


Data Protection

  • GDPR compliance
  • regulatory compliance
  • data subject rights
  • processing and data transfer formalities
  • GDPR gap analysis and audits
  • processing employees’ data, including data sharing within the group for benefits programs and whistleblowing schemes
  • building and using databases for supporting sales and marketing activities
  • e-privacy matters, including social networking sites, cookies consent rules and commercial communications
  • data breach regulations
  • internal data protection and privacy audits and training


  • environmental and other permitting matters
  • water management
  • sanitary, veterinary and food safety matters
  • compliance matters, including in case of polluting incidents and authorities’ controls

Representative Cases and Transactions

  • assistance to a large Romanian financial institution with conducting an audit on GDPR compliance for some of its core processes, drafting a findings report and action plan, as well as assistance in implementing the recommended measures
  • assistance to a large retailer on data protection compliance of its human resources processes, including those involving video monitoring
  • assistance to one of the biggest retailers in Romania on GDPR compliance in its day-to-day activities, including managing data subject requests, drafting privacy notices and procedures
  • advice to a leading automotive services provider on processing and transferring personal data outside of SEE
  • assistance of various clients with managing personal data breach notifications to the National Supervisory Authority for Personal Data Processing and related matters


  • University of Bucharest Law School, Law Degree
  • Babeș-Bolyai University Law School, Master Degree in International and Comparative Business Law

Memberships and Affiliations

  • Bucharest Bar
  • The International Association of Privacy Professionals (IAPP)