Expertise

Having established NNDKP’s environmental and data protection practices and coordinating them over the past 12 years, Roxana Ionescu has consolidated her theoretical and practical background in these areas, which allows her to navigate the complex and sometimes highly uncorrelated legal frameworks in order to find practical solutions to clients’ projects and needs.

Her expertise covers:

In the environment field:

  • environmental issues in mergers, acquisitions and privatizations
  • environmental and other permitting matters
  • water management
  • waste management
  • hazardous substances
  • protected natural areas
  • environmental liability, including for nuclear incidents and historic pollution
  • industrial emissions and greenhouse gas emission allowances trading
  • environmental taxes
  • sanitary, veterinary and food safety matters
  • compliance matters, including in case of polluting incidents and authorities’ controls
  • environmental related litigation

In the Data Protection and Privacy field:

  • GDPR gap analysis and audits
  • GDPR and DPO training
  • processing employees’ data, including data sharing within the group for benefits programs and whistle-blowing schemes
  • building and using databases for supporting sales and marketing activities
  • e-privacy matters, including social networking sites, cookies consent rules and commercial communications
  • cyber-security requirements
  • classified information regime
  • cloud computing
  • data sharing in mergers, acquisitions and winding-up projects, as well as joint business projects
  • regulatory compliance, including in connection with disciplinary procedures and FCPA audits
  • data breach regulations
  • data subject rights
  • processing and data transfer formalities
  • controls by the data protection authorities
  • internal data protection and privacy audits and training
  • archiving formalities (including in cases of winding-up of companies)

Industry Focus

Representative Cases and Transactions

Environment

  • day-to-day environmental matters, including assessment of environmental risks, as well as managing permitting and waste management requirements, in connection with a major car manufacturer’s acquisition and modernization of a Craiova-based car manufacturing company
  • assistance to one of the major organizations taking back obligations in the electric and electronic equipment waste field in assessing the implications and effects of government efforts to transpose the new EU directive in this field
  • advice on a wide range of environmental permitting issues in connection with a leading oil company’s offshore exploration and exploitation activities
  • assessment of the environmental liability regime in case of offshore environmental incidents for the leading Romanian oil company
  • assistance in the implementation of environmental, natural protected areas and forestry permitting requirements for the construction and operation of the Nabucco International Gas Pipeline project
  • assessment of the Romanian carbon capture and storage regime for a foreign institute in connection with a grant given to the first pilot project of this kind to be implemented in Romania by one of Romania’s main power generation companies
  • assistance in addressing various issues in connection with a major cement manufacturer’s trans-boundary waste shipment
  • assessment of the client’s legal exposure and potential alternatives in connection with the clean-up operations of a Romanian refinery during the privatization process of one of the largest oil&gas players on the market
  • successful challenge on behalf of one of the largest wood manufacturers in Romania of a 3.42 million EUR penalty imposed under the Emission Trading Scheme regime for failure to timely surrender greenhouse gas emission allowances corresponding with the client’s actual emissions
  • successful challenge on behalf of a mining company of the claim initiated by the government against the environmental approval of a gold mining project

Data Protection and Privacy

  • assistance to a large financial institution and its subsidiaries with conducting an audit of the processing operations within the group to assess compliance with GDPR requirements, drafting an audit report and an action plan with recommended measures to be implemented by the group to ensure compliance, and assisting with the implementation thereof
  • advice to a large IT company in conducting an audit of the processing operations within the company, issuing recommendations regarding the necessary actions to be taken for ensuring compliance with applicable legislation and assistance in implementing such measures; also provided assistance in day-to-day privacy matters, including for its cloud computing services, and held training sessions regarding data protection requirements
  • assistance to one of the major car manufacturers in Romania in implementing privacy information and notification requirements for its HR and sales and marketing activities
  • assistance to a pharmaceutical company in the internal investigation on privacy breach allegations made by former employees
  • project by a major telecommunications operator regarding the possible extension of the access to credit bureaus regulations in order to allow telecom operators access to data required for financial exposure prevention purposes
  • advice to one of the major insurance brokers in implementing privacy notices, submitting notifications and addressing data protection requirements in connection with intra-group data sharing
  • assistance to a leading pharmaceutical company in implementing privacy documents, including privacy notices, internal procedures and notifications with the data protection authority
  • advice to one of the worldwide telephone manufacturers in fulfilling notification and transfer authorization requirements for its marketing and HR functions
  • advice to a major financial institution on privacy implications of transferring its portfolio of clients and contracts to an affiliate
  • assistance to a client in the pharmaceutical sector on data sharing alternatives as part of a FCPA investigation

Accolades

Roxana Ionescu is highly recommended as a lawyer specializing in environmental law with “strong regulatory and transactional focus covering all aspects of the practice area
(Practical Law Company)

Education

  • University of Bucharest Law School, Law Degree
  • Law School of De Montfort University, Leicester (UK), LL.M in Environmental Law
  • Academy of European Law, post-graduate diploma in European Law
  • Lex Mundi Institute, Post-graduate Diploma in Employment Law
  • Centre of Euro-Atlantic Studies, Post-graduate Diploma in European Integration

Memberships and Affiliations

  • Bucharest Bar
  • Coalitia pentru Dezvoltarea Romaniei, coordinator of the Environmental Task Force
  • Lex Mundi E-commerce, Technology, Outsourcing, and Privacy Practice Group
  • Lex Mundi Environmental Practice Group
  • AmCham Romania Environment Committee
  • AmCham Romania ICT Committee
  • Foreign Investors Council Environment and Sustainability Task Force
  • Foreign Investors Council Technology and Innovation Task Force

Notable Contributions

Environment

  • speaker at Govnet’s Romanian Environmental Compliance Conference 2016, “Environmental litigation – concepts and common mistakes” (2016)
  • speaker at the NNDKP-ERM event on Environmental Responsibilities (2013)
  • PLC Cross-border Environment Handbook – Romania chapter” (PLC, 2008) (co-author)
  • Promoting Energy Efficiency and Renewable Energy Sources in the Current Romanian Market Environment” (Romanian Business Digest, 2007) (co-author)
  • Environmental Protection in the Context of Romanian Accession to the European Union” (Invest Romania Magazine, 2006)

Data Protection and Privacy

  • speaker at the NNDKP Lex Atelier event, “Human Resources between internal regulation and legal constrains” (2015)
  • “Electronic communications – Romania country Guidance Note” (DataGuidance online platform, 2015) (co-author)
  • “Data transfers and outsourcing – Romania country Guidance Note” (DataGuidance online platform, 2015) (co-author)
  • “Customer data – Romania country Guidance Note” (DataGuidance online platform, 2015) (co-author)
  • “The law and practice of video monitoring – Romania country Guidance Note” (DataGuidance online platform, 2015) (co-author)
  • “Data Protection: Laws of the World – Romania chapter” (several edition up to 2014) (co-author)
  • “Data Protection and Privacy – Jurisdictional Comparisons – Romania chapter”, 2nd edition, European Lawyer Reference (Thomson Reuters, 2014) (co-author)
  • speaker at the Microsoft Cloud Computing event, “Recommended criteria for choosing a cloud service provider (2014)
  • “Getting the Deal Through: Data Protection and Privacy – Romanian chapter” (2013) (co-author)
  • speaker at the Promotions360 event, “Using databases in promotions (2013)
  • New EU Data Privacy Regulation Worries Legal Departments – Romania section” (Talklaw Europe, 2012)
  • Romanian Data Retention Law Found Unconstitutional” (Data Protection Law & Policy, 2010) (co-author)