Mădălina Vasile (Bucur)

Managing Associate

+40 21 201 1200

Practice areas



  • environmental issues in mergers and acquisitions
  • environmental and other permitting matters
  • waste management
  • environmental liability, including for historic pollution
  • hazardous substances
  • sanitary, veterinary and food safety matters
  • compliance matters, including in case of polluting incidents and authorities’ controls
  • environmental related litigation

Data Protection and Privacy

  • GDPR gap analysis and audits
  • GDPR and DPO training
  • processing employees’ data, including data sharing within the group for benefits programs and whistleblowing schemes
  • e-privacy matters, including commercial communications
  • data sharing in mergers and acquisitions projects
  • regulatory compliance, including in connection with disciplinary procedures
  • data subject rights
  • processing and data transfer formalities

Representative Cases and Transactions


  • assistance to a large oil provider in the context of a litigation against Environmental Fund Administration decision regarding contributions for the wasted oil introduced on the Romanian market
  • day-to-day assistance to a large retailer on sanitary-veterinary matters
  • day-to-day assistance on the obligations under the New Methodology for the computation of taxes and contributions for Environmental Fund, approved by the Environmental Fund Administration
  • assistance to a multinational electronics manufacturing services company on packaging waste regulations in the context of a litigation against Environmental Fund Administration decision

Data Protection and Privacy

  • assistance to a large retailer regarding a data protection audit on the company’s data processing operations in order to assess compliance with the new obligations under the General Data Protection Regulation (GDPR), as well as assistance in implementing the actions set out in the audit report
  • advice to a large financial institution and its subsidiaries in conducting an audit of the processing operations within the group to assess compliance with GDPR requirements, preparing an audit report and an action plan with recommended measures to be implemented by the group to ensure compliance and assisting with the implementation thereof
  • assistance to a leading Romanian bank and its subsidiaries in performing a GDPR gap analysis
  • assistance to an international financial services and communications company on ensuring compliance with the Romanian data protection requirements of its processing operations regarding human resources and marketing purposes, video monitoring purposes or carrying out background checks


  • University of Bucharest Law School, Law Degree

Memberships and Affiliations

  • Bucharest Bar

Notable Contributions

  • contributor to NNDKP Privacy Out Loud
  • speaker at the event “Data Protection from CJEU`s perspective. What should companies pay attention to?”, organized by NNDKP (2023)
  • speaker at the Environmental & Sustainability Summit 2023, organized by Business Review (2023)
  • speaker at the webinar “Whistleblower: compliance, implementation, impact”, organized by Avocatnet.ro (2021)
  • speaker at the webinar “Decoding and systematizing the obligations of employers: Essential Legal and Tech requirements to ensure compliance with the Whistleblowing Legislation”, organized by NNDKP (2021)
  • Key takeaways on the Romanian whistleblowers proposal law” (2021) (co-author)
  • contributor to NNDKP – COVID-19 Legal & Tax Resource Center
  • speaker at the Employer Branding Conference, GDPR for Human Resources Workshop, organized by Evensys (2018)