Remember the typical “GDPR comes with huge fines” fearmongering advice? That’s not us.

Reality is you cannot avoid processing personal data in your business and we are here to help you do that while complying with data protection legislation. The GDPR places many requirements on organizations and data protection compliance is becoming increasingly demanding. That is why we do not sell any one-size-fits-all solutions, and we tailor our advice to each individual business in consideration of their specifics. We start by understanding each organization’s needs, and we step outside of the “data protection laboratory” into the real world, by implementing compliance measures with a practical approach.

General GDPR Compliance

GDPR includes a vast array of obligations for data controllers and processors, making it difficult for organizations to keep up with the regulatory landscape. We regularly help clients implement comprehensive yet practical compliance programs, seamlessly integrated in their business activity.

Legal Design

We are skilled at drafting data protection related documentation, such as information notices and other materials that need to have an accessible language and be easily understood by the general public. Our documents are not just lawyer readable but human readable.


In-house trainings are the best way to raise awareness about data protection. We offer custom designed trainings for all types of teams and help teach the most relevant GDPR principles for your business, from high management to operational staff handling personal data.

Intellectual Property

Privacy and IP are strongly interconnected, especially in this highly digitalized era. Our solid background on IP&IT legal matters allows us to provide valuable input on issues such as copyright, database rights, trade secrets and confidential information protection.

DPO Personal Trainer

We have designed a unique one-to-one training program for Data Protection Officers and other privacy specialists. The aim is to go deeper into both theoretical and practical GDPR compliance issues, through a personalized learning and coaching experience.

ePrivacy Compliance

Data protection is not just about GDPR. We also advise clients on complying with ePrivacy regulatory requirements such as those related to direct marketing, as well as the legal implications and necessary steps for using cookies and other tracking technologies.




Roxana is an attorney at law since 2012, and starting with 2017, her activity focuses almost exclusively on data protection related matters, being involved in projects for clients in a variety of industries. Roxana began her career by handling primarily IP and IT&C matters. Her previous experience of over 3 years as Senior Contracts Specialist for Oracle, both in the Bucharest and in the London office, gave her valuable exposure to the IT industry and a set of skills of much help to her activity as a lawyer. Roxana's 6 years collaboration with Biriș Goran SPARL was a key element in establishing the partnership between the two law firms, supporting the goal of building a specialized data protection practice, unique in Romania, and offering integrated legal services for clients.


Partner, CIPP/E

Dana has a solid background as a lawyer promoting fundamental rights, and in particular the rights to private life and data protection. Since 2014, after joining the Bucharest Bar, she has been active in transnational legal projects and human rights investigations, often involving complex and interdisciplinary work. Dana also has experience in banking law and has been involved in complex GDPR compliance programs for banks and other large organizations. Dana closely monitors the impact of data protection legislation on the freedom of expression and manages the platform which is aimed at explaining privacy for journalists. She frequently writes articles on data protection related matters and is a CIPP/E and a certified trainer.



Roxana became an attorney at law in 2015, focusing mainly on Intellectual Property and Data Protection. Before joining PrivacyOne, Roxana worked with some of the most prestigious law firms in Bucharest, handling IP, Real Estate, Competition & Mergers and Acquisitions projects. Following entering into force of the EU Regulation on Data Protection, her focus shifted towards this new domain. Her knowledge and experience are extremely useful to clients in order to navigate the complexity and interconnections between different practices in finding solutions that are both practical and in line with the legal requirements. Roxana advised clients who are active in the IT, Media, Hospitality and Pharma industries.

We don’t sell GDPR software or templates and we won’t magically make you “GDPR compliant”.

We do, however, come up with practical solutions to your data protection and privacy problems and empower your organisation to learn to handle them in the future.

Get in Touch with Us

Bucharest, Bd. Aviatorilor nr. 47, etaj 2, sector 1, 011853, Romania

Email: [email protected]

PrivacyOne on LinkedIn