First pageGeneral data protection regulation (gdpr)

General Data Protection Regulation (GDPR)

Legislation in virtually all jurisdictions has established new data protection standards that apply to activities in all sectors and to businesses large and small. Every entity that deals with data needs to appreciate the changes in their operating environment and how the law defines roles and responsibilities of each actor in the field. We take a client-oriented approach to these issues based on a thorough review of the current situation, and we guide our client step-by-step through the process of identifying requirements and implementing solutions.

Our team assists our clients in mapping and implementing the processes required for handling personal data. We assess current practices against current legal and GDPR data protection requirements. We help our clients in areas where their practices need change to obtain compliance with the applicable standards, and we recommend appropriate measures tailored to their needs and their industry. Our legal services include a review of the existing contractual frameworks. We make sure that our clients comply with all of the applicable laws.  


We offer our clients comprehensive advice and assistance about all data protection issues, and when required, guidance about handling trade secrets in the client's profession or industry sector when dealing with:

Meet our GDPR team

Ana Kusak

Ana Maria Kusak

PartnerWith over 17 years of experience, Ana is specialised in competition and intellectual property law and, since 2004, has also been an intellectual property counselor and a European trademark and design attorney with EUIPO.See profile
George chiocaru1

George Chiocaru

Managing AssociateGeorge is a senior lawyer with extensive experience in the fields of IT & telecommunications, data protection, banking and finance as well as aviation and shipping.See profile
Elena Stan

Elena Stan

Senior AssociateElena is a senior Associate in our intellectual property practice. She is also a certified Intellectual Property counselor in the field of Trademarks and Geographical Indications. Elena is a highly organised, ambitious and dedicated young lawyer.See profile
Madalina Spataru

Madalina Spataru

AssociateMadalina Spataru joined us as an Associate in the fall of 2017, having graduated from the University of Bucharest’s Faculty of Law and being admitted to the Bucharest Bar. She had previously completed an internship at the firm and had worked for us as a paralegal.See profile
  • Advising the Bog’Art companies in the GDPR Audit rendered within the group in order to assess the degree of the GDPR compliance, recommending risk mitigation measures and offer continuous support in the implementation, as well as advising on complex issues involving data protection aspects;
  • Advising A&D Pharma, one of the most important pharmaceutical retailers, with respect to a complex audit on the data processing application;
  • Advising the Romanian branch of Merck, of one of the most important healthcare and life sciences companies, in fully complying with the data protection requirements;
  • Advising the Romanian branch of DP World, one of the top 10 terminal container operators, on data protection implications, including sensitive matters that imply biometric data processing and security / transfer of personal data;
  • Advising World Class Romania regarding complex data protection matters brought about by the new data protection legislation, as well as practical solutions to day-to-day matters that implied personal data processing;
  • SAA is keen to help industry moguls in complying with legal provisions, without excluding small and medium enterprises. Therefore we assisted Next Romania, one of the most important clothing retailers, in order to ensure compliance with data protection provisions;
  • Advising Creative Eye S.R.L., creator and owner of the platform Litoralul Romanesc, one of the most well-known Romanian travel agencies, in complying with data protection provisions, personal data security and the data processing audit;
  • Advising Bancpost in data protection matters by offering dedicated legal trainings and assessing the current GDPR compliance status and advice on implementation of risk mitigating measures, privacy information and data subject access rights / protection;
  • As part of a multi-layered due diligence report delivered to Resource Partners, SAA offered specialized data protection advice regarding the current GDPR compliance status of PPT (Preturi Pentru Tine SRL), identifying non-compliance risks as well as recommending risk mitigation measures in order to achieve compliance with GDPR and data protection applicable legislation. This included in depth analysis on the implications incurred by usage of third party software as well as risks associated with the usage of open source software;
  • SAA delivered a complex legal and financial due diligence report to EDS Romania SRL that involved the analysis and revisions of various data protection aspects, including the GDPR compliance status of Infopress. As a result of our in-depth analysis, SAA also provided the client with recommendations regarding risk mitigation measures to be implemented;
  • Our due diligence report to Medicover involved the analysis and revisions of various intellectual property and protection aspects, including the GDPR compliance status of the target companies, and highlights potential risks while offering recommendations for customized risk mitigation measures.
© Copyright 2020. All rights reserved.