The National Center for Personal Data Protection (NCPDP), for informational purposes, announces about the launch of the video from the national conference “Implementation of the Legal Framework on Data Protection: Challenges, Benefits, Resilience.”

     The importance of the launched video is undeniable, as it offers a retrospective of the conference’s key moments, including the conclusions of international participants, representatives of public authorities and the private sector. The video aims to raise awareness among data subjects, data protection officers (DPO), public institutions and the business community regarding the new legislative provisions in the field of personal data protection, while also highlighting the challenges, benefits and importance of resilience in implementing the legal framework.

       The video was produced with the support of the project “Improving Cyber Resilience in the Eastern Partnership Countries,” implemented by the e-Governance Academy (eGA) and funded by the European Union, as well as with the support of the European Union Partnership Mission in the Republic of Moldova (EUPM Moldova) and can be viewed by clicking on the link: https://datepersonale.md/videogalerie/

     On February 5, 2026, the National Center for Personal Data Protection (NCPDP) organized a training course for persons designated by the controller or the processor as Data Protection Officers (DPO).

       The event is part of a series of training sessions organized by the NCPDP, specifically designed for Data Protection Officers who are new in the field, with the primary objective of strengthening the theoretical and practical knowledge necessary for the proper performance of their duties.

       The obligation to appoint a Data Protection Officer is provided for by Law No. 133/2011 on personal data protection, which requires the controller and the processor to appoint such a person in the cases expressly provided for in Article 25 of the aforementioned law.

       The course focused on clarifying the role and position of the Data Protection Officer within the organization, the specific responsibilities and duties of this role, as well as the DPO’s interaction with the controller, the processor and the supervisory authority. Additionally, key aspects regarding the principles of personal data processing, the legal grounds for processing, the rights of data subjects and the obligations of controllers in ensuring compliance with relevant legislation were addressed.

       Particular emphasis was laid on the practical aspects of the Data Protection Officer’s role, with an analysis of concrete scenarios regarding the identification of risks associated with data processing, the implementation of appropriate organizational and technical measures, the management of security incidents and cooperation with the NCPDP. At the same time, the course aimed to develop participants’ ability to provide internal consulting and actively contribute to creating and maintaining an organizational culture focused on respecting the right to the protection of personal data.

       This course is of great importance to participants, as it equips them with the skills needed to effectively and responsibly fulfill the role of Data Protection Officer, thereby helping to prevent legal violations and protect the fundamental rights and freedoms of data subjects.      

      By continuously organizing these training activities, the NCPDP reaffirms its active role in supporting the professional development of Data Protection Officers and in strengthening the level of compliance in the field of data protection at the national level.

       During the event, 15 Data Protection Officers, representing both the public and private sectors, were trained.

       On February 4, the National Center for Personal Data Protection (NCPDP) continued its information and awareness campaign for the school community by organizing a training course on “Personal Data Protection and Children’s Safety in the Online Environment” for students from “Principesa Natalia Dadiani” Theoretical High School in Chișinău.

       The activity took place during the Personal Development class, with the target audience being students in 4th grade “B” and was conducted by NCPDP representatives in an interactive format adapted to the children’s age level, which facilitated the students’ active involvement, open dialogue and practical understanding of the information presented. The course is part of the activities dedicated to European Data Protection Day, marked annually on January 28, with the aim of promoting respect for the right to privacy and responsible and safe behavior in the online environment.

       During the training, students were introduced to the basic notion of personal data, learning what it is, how to recognize it in everyday activities and why it is important to protect information containing personal data. At the same time, the children discussed the responsible use of photos and videos online, with explanations of concepts such as the privacy settings of social media accounts, the role of privacy settings and the rules for sharing content within messaging apps.

       A significant part of the training was dedicated to identifying online risks and threats, including cyberbullying, identity theft, unauthorized messages or other situations that could compromise children’s safety and privacy. Students were guided on appropriate behaviors and steps to take if their personal data, images or videos are used without consent and were encouraged to seek support from trusted adults.

       By participating in this training course, students developed essential self-protection skills in the digital environment, understood the importance of responsible communication on social networks and were encouraged to show respect for their own and others’ privacy. Such activities contribute to strengthening a culture of personal data protection since the primary school and to preventing the risks associated with the improper use of information technologies. 

       NCPDP reaffirms its commitment to continue organizing and supporting educational activities dedicated to children and young people in order to increase the level of awareness and responsibility regarding the protection of personal data and safety in the online environment.

       The event was organized at the initiative of NCPDP, with 34 students being trained. At the same time, the information materials, as well as the gifts offered to the students, were developed with the support of the United Nations Children’s Fund (UNICEF).

       On February 12, 2026, the National Center for Personal Data Protection (NCPDP) organized a training course on personal data protection for representatives of the Eastern Regional Department of the General Inspectorate of Border Police (GIBP), an event that marked the start of the training program planned for 2026. The course was conducted in accordance with the Training Plan for GIBP subdivisions for 2026, approved and signed by the heads of the NCPDP and GIBP on January 28 of this year.

        The main objective of the course was to strengthen the professional capabilities of GIBP representatives regarding compliance and enforcement of legal regulations on personal data protection, given their essential role in processing a significant volume of data within the specific activities of state border surveillance, control and ensuring national security.

      During the training, NCPDP experts presented the applicable national and international regulatory framework in the field of personal data protection, with a focus on the fundamental principles of data processing, legal bases, special categories of data and the rights of data subjects. Particular attention was paid to the obligations of data controllers in the public sector, including requirements regarding transparency, proportionality, purpose limitation and ensuring the security of processing.

       At the same time, the specificities of personal data processing in the field of law enforcement were addressed, including aspects related to the collection, use, storage, and disclosure of data within the operational activities of the GIBP. In this regard, practical examples and specific situations encountered in their daily work were discussed and clarifications and recommendations were provided to prevent risks of violating applicable laws.

       The importance of organizing such a course arises from the need to ensure a high level of accountability and compliance among GIBP staff, who, by the nature of their duties, come into direct contact with citizens’ personal data. Strict compliance with legal requirements in this area contributes not only to protecting the fundamental rights of data subjects but also to strengthening public trust in the activity of the authorities responsible for maintaining order and security.

       By organizing this event, the NCPDP reaffirms its active role in promoting a culture of personal data protection and expresses its continued willingness to provide methodological and advisory support, as well as training activities, for representatives of the GIBP and other public authorities, with a view to ensuring that personal data is processed in strict compliance with applicable legislation and best practices at the national and international levels.

       During the event, 45 representatives of the Eastern Regional Directorate of the GIBP were trained.

       On February 13, 2026, the National Center for Personal Data Protection (NCPDP) organized a training course on personal data protection for employees of the Technical-Criminalistics and Forensic Expertise Center of the General Police Inspectorate (GPI), in accordance with the Training Plan for GPI subdivisions for 2026, approved and signed by the heads of the NCPDP and the GPI on January 28 of this year. This event marked the start of the training process planned for 2026.

       The main purpose of the training was to ensure the correct, consistent and legally compliant application of personal data protection rules in forensic expertise activities, areas that involve complex, frequent data processing and a high degree of data sensitivity.

       The training session covered the fundamental principles of personal data processing, the legal grounds applicable to the activities carried out by law enforcement agencies, the responsibilities of data controllers and processors, as well as the obligations of public institutions to safeguard the rights of data subjects.

       At the same time, the training had a strong practical focus, analyzing practical situations and case studies relevant to the activity of the Technical-Criminalistics and Forensic Expertise Center, with an emphasis on:

• compliance with the principles of lawfulness, proportionality and data minimization;
• limiting processing to specific, explicit  and legitimate purposes;
• implementing appropriate technical and organizational measures to ensure data security;
• preventing security incidents and the unauthorized disclosure of personal data.

       The importance of the event resides in strengthening the institutional culture regarding personal data protection, preventing risks of violations of the fundamental rights of data subjects and increasing the level of compliance of the activities carried out by the GPI with the provisions of current legislation. The training highlighted the role of data protection as an essential element of the legality of procedures and public trust in the work of law enforcement agencies.

       Following the course, the need for the following is highlighted: continuous training of personnel involved in data processing; integration of data protection requirements into all stages of operational activities; accountability of each employee in the personal data processing process; and strengthening of institutional cooperation to ensure uniform application of the regulatory framework.

       The NCPDP reaffirms its commitment to continuing its training and methodological support activities for public authorities, with a view to ensuring a high level of personal data protection and respect for the fundamental rights and freedoms of individuals.

       During the event, 74 representatives of the Technical-Criminalistics and Forensic Expertise Center of GPI were trained.

       On February 17, 2026, the National Center for Personal Data Protection (NCPDP) organized a training course on personal data protection for employees of the Northern Investigations Department of the National Investigations Inspectorate. The activity was conducted in accordance with the Training Plan for the subdivisions of the General Police Inspectorate (GPI) for the year 2026, a plan approved and signed by the heads of the NCPDP and the GPI on January 28 of this year.

       The main objective of the course was to strengthen participants’ theoretical and practical knowledge regarding the proper application of legislation in the field of personal data protection, particularly in the specific context of investigative activities and the processing of sensitive data.

       The training was of particular importance to the employees of the Northern Investigations Department, given the large volume of personal data processed in their operational activities, as well as the need for strict compliance with the principles of lawfulness, proportionality, confidentiality and data security. At the same time, the course helped prevent risks of violating the rights of data subjects and increased the level of professional accountability.

          The training covered topics such as:

•  the fundamental principles of personal data protection;
•  the legal grounds for data processing in investigative activities;
•  the rights of data subjects and the obligations of data controllers;
•  organizational and technical data security measures;
•  practical examples and common situations encountered in day-to-day activities.

       Following the training, participants strengthened their skills in the practical application of legal regulations, as well as their ability to correctly identify and manage situations involving the processing of personal data.

       The NCPDP reaffirms its willingness and openness to continue organizing such training courses, which are considered essential for ensuring uniform practices that comply with current legislation, as well as for strengthening a culture of data protection within public authorities.

        During the event, 20 representatives of the Northern Investigations Department of the National Investigations Inspectorate were trained.

       The National Center for the Protection of Personal Data (NCPDP), for informational purposes, announces about the development of Guidelines/explanations for the proper implementation of Law No. 195/2024 on personal data protection, a legislative act that will enter into force on August 23, 2026.

       The purpose of these Guidelines is to assist data controllers, processors and other stakeholders in understanding, interpreting, and correctly applying the new legal provisions, in a context marked by rapid technological developments and the intensification of personal data flows. The document provides explanations and reasoning intended to clarify the new requirements introduced by the law, promoting a modern approach based on risk assessment and management and on the proactive responsibility of data controllers.

       The guidelines were developed based on the principles established by Regulation (EU) 2016/679 and are aimed at ensuring a high level of protection for the fundamental rights and freedoms of natural persons, strengthening legal security and creating a clear and coherent framework to support consistent practices in the field of personal data protection.

       At the same time, the NCPDP notes that the document is intended as a guide and serves as a reference tool for the correct and uniform application of the provisions of Law No. 195/2024 on personal data protection and recommends to be consulted regularly.

       The full text of the Guidelines/explanations for the correct application of Law No. 195/2024 can be accessed via the following link:

CONSIDERENTE_Legea_195/2024   

       On February 20, 2026, the National Center for the Protection of Personal Data (NCPDP) organized and conducted a training session for employees of the Southern Investigations Department within the National Investigations Inspectorate. The training session was conducted in accordance with the Training Plan for the subdivisions of the General Police Inspectorate (GPI) for 2026, a document approved and signed on January 28, 2026, by the heads of the NCPDP and the GPI, with a view to strengthening institutional capacities regarding the uniform and correct application of the regulatory framework on data protection.

       The purpose of the training was to increase the level of awareness and accountability among staff with investigative duties, by deepening their knowledge of the fundamental principles of personal data processing, the legal grounds for processing, the conditions of legality and proportionality of intrusions within private life, as well as the obligations of controllers and processors.

       The session addressed key issues regarding:

•  the application of the principles of lawfulness, fairness and transparency in the processing of personal data, while also respecting the principles of data minimization and purpose limitation;
• ensuring data integrity and confidentiality through the implementation of appropriate technical and organizational measures;
• the specificities of data processing in the context of special investigative activities;
• handling requests from data subjects regarding the exercise of their rights guaranteed by applicable law;
• legal liability for violations of the personal data protection regime.

       In addition, representatives from the NCPDP provided explanations and practical recommendations regarding the documentation of data processing operations, the delimitation of functional responsibilities within operational units and the assessment of risks associated with data processing in investigative activities.

       The event took place in an interactive format, analyzing case studies relevant to the activity of the Southern Investigations Department, with a focus on identifying solutions compliant with the regulatory framework and relevant case law.

       By organizing these training activities, the CNPDCP reaffirms its commitment to strengthening the culture of data protection within public authorities, including law enforcement bodies, with a view to ensuring a fair balance between the need to fulfill legal obligations and respect for the fundamental rights and freedoms of individuals. At the same time, the NCPDP will continue to implement the Training Plan for 2026, in cooperation with the GPI, to ensure the consistent and effective application of personal data protection legislation.

       During the event, 17 representatives of the Southern Investigations Department of the National Investigations Inspectorate were trained.

       On February 19, 2026, the National Center for Personal Data Protection (NCPDP) organized a training course in the field of personal data protection for the representatives of the Information Technology Service (ITS) of the Ministry of Internal Affairs (MIA), at their request.

       The main objective of the course was to strengthen and enhance the theoretical and practical knowledge of the participants regarding the proper application of personal data protection regulations, with a focus on their responsibilities under the relevant legislation. The training was designed to assist ITS representatives in identifying and managing risks associated with data processing carried out through the information systems used within the Ministry of Internal Affairs.

       The training session covered, in detail, topics relevant to ITS’ specific activities, such as:

•  the fundamental principles of personal data processing;
•  the roles and responsibilities of controllers and processors from the perspective of the infrastructure managed by ITS;
• data processing security requirements and appropriate technical and organizational measures;
• security incident management and notification obligations;
• the impact of new legal provisions on existing and future information systems.

       Following the course, the need for effective collaboration between staff responsible for the administration and development of information systems and those responsible for ensuring legal compliance was highlighted, the importance of conducting ongoing risk assessments associated with data processing operations, as well as the essential role of continuous staff training in maintaining a high level of personal data protection.

       The NCPDP reaffirms its commitment to supporting public authorities in the process of adapting to new legislative requirements and to promoting a culture of data protection based on accountability, legality and security.

       During the event, 25 representatives of the Information Technology Service of MIA were trained.

       On February 24, 2026, the National Center for Personal Data Protection (NCPDP) organized a training course in the field of personal data protection for Customs Service employees, at their request.

       The training aimed to strengthen participants’ theoretical and practical knowledge regarding the proper application of the national regulatory framework in the field of personal data protection, as well as to clarify the obligations of public authorities in their role as data controllers. At the same time, the training aimed to increase the level of compliance of data processing operations carried out within the scope of customs-related activities.

       During the training session, the provisions of the national legal framework applicable to personal data protection were presented and analyzed in detail, with an emphasis on the fundamental principles of processing, the conditions of lawfulness, proportionality and transparency, as well as the obligations of data controllers and data processors. At the same time, the essential role of respecting the rights of data subjects in the context of operational activities carried out by customs officials was highlighted.

       Furthermore, the training aimed to clarify aspects related to ensuring the security of personal data, addressing the technical and organizational measures necessary to prevent unauthorized access, loss, destruction, or unlawful disclosure of data. Participants were informed about the individual responsibilities of staff involved in processing activities, as well as the importance of documenting and implementing internal procedures in accordance with legal requirements.

       A separate section of the activity focused on examining practical situations and case studies relevant to the work of the Customs Service, with the aim of identifying specific risks associated with the processing of personal data and implementing appropriate solutions to mitigate them. In this context, recommendations were formulated to ensure consistent and compliant practices within the institution.

       The NCPDP emphasizes the importance of institutional cooperation and the continuous training of public authority staff in the field of personal data protection as an indispensable element for strengthening legal certainty, increasing the level of legislative compliance and ensuring respect for the fundamental rights and freedoms of data subjects. At the same time, the NCPDP reaffirms its willingness to provide methodological and advisory support to public authorities, with a view to promoting an institutional culture based on legality, accountability and the effective protection of personal data.

      During the event, 132 customs officials were trained.