Privacy Law at Moldova
Moldova enacted a comprehensive data protection law on August 23, 2024, aligning its framework with the European Union's General Data Protection Regulation (GDPR). The law, Law No. 195/2024 on the Protection of Personal Data, is set to come into effect on August 23, 2026, providing a two-year transition period for implementation.
Key Features of Moldova’s New Data Protection Law
1. *Alignment with EU GDPR
The law fully transposes the GDPR into Moldovan legislation, ensuring a high level of personal data protection in accordance with EU and Council of Europe standard. citeturn0search1
2. *Data Subject Rights
Individuals are granted enhanced rights over their personal data, including:
Access The right to obtain confirmation of whether personal data concerning them is being processed.
Rectification The right to correct inaccurate or incomplete data.
Erasure The right to request deletion of data under certain condition.
Restriction of Processing The right to limit the processing of their dat.
Data Portability The right to receive their data in a structured, commonly used forma.
Objection The right to object to data processing based on legitimate interest.
3. *Obligations for Data Controllers and Processors
Entities that determine the purposes and mean of processing personal data (controllers) and those who process data on their behalf (processors) must: Obtain explicit consent from individuals before processing their dat. Ensure data is collected for legitimate, specific, and stated purpose. Implement data minimization principles, collecting only necessary dat. Conduct Data Protection Impact Assessments (DPIAs) for high-risk processing activities. Appoint a Data Protection Officer (DPO) when require.
4. *National Centre for Personal Data Protection (NCPDP)
The NCPDP is established as an independent public authority responsible fo: Monitoring and enforcing compliance with the data protection la. Providing guidance and raising awareness on data protection issue. Investigating complaints and imposing sanctions for violation.
5. *Sanctions for Non-Compliance
Violations of the data protection law may result i: Fines up to 1 million Moldovan lei or up to 1% of annual turnover for companies. Administrative penalties for individuals responsible for data breaches.
6. *Exemptions and Special Provisions
The law includes specific provisions for:
Freedom of Expression Exemptions for data processing carried out for journalistic, academic, artistic, or literary purpose.
Public Interest Processing for archiving purposes in the public interest, scientific or historical research, or statistical purpose.
Access to Public Information Conditions under which personal data held by public authorities can be disclose.
🗓️ Implementation Timeline
*August 23, 2024: Law No. 195/2024 published in the Official Gazette.
*August 23, 2026: Law enters into force, replacing the previous Law No. 133/2011 on Personal Data Protection.
RELATED Blog
0 comments