Meet the GDPRLocal Team: Elena Stojanovska
At GDPRLocal, we are proud to spotlight the incredible individuals who shape our success and define our values and Elena Stojanovska is an amazing example of dedication and expertise. As our Compliance Operations Manager, she is not just a vital part of the team but also a cornerstone of our policy development and company growth.
Q: What inspired you to pursue a career in data protection, and what continues to motivate you in this field?
My professional journey began at the Agency for Personal Protection in Macedonia, where, as a fresh graduate, I took a position in the Department for International Cooperation and Public Relations. In the early 2000s, personal data protection was an emerging concept in the Balkans and was still evolving across Europe. I had the invaluable opportunity to attend key European conferences and events, connecting with leading figures in data protection. While this exposure was enlightening, the real challenge lay in translating these international best practices to our local context. This experience not only shaped my understanding of data protection but also highlighted the complexities of bridging the gap between theoretical frameworks and practical implementation.
During my decade-long tenure at the Data Protection Authority, I gained comprehensive insight into regulatory compliance and privacy governance. This experience proved invaluable when I transitioned to the private sector, where I focused on helping organizations build robust privacy cultures from the ground up. Through roles in both non-governmental organizations and as a privacy consultant for private companies, I’ve dedicated my career to advancing personal data protection and privacy compliance.
As for my motivation, I never have two days that feel the same in this job. Privacy touches all of us — from the photos we share to the websites we visit. As our lives become more digital, the line between our online and offline selves gets blurrier. That’s what makes this work fascinating. I absolutely enjoy this dynamic environment, and being part of the GDPRLocal team adds to my motivation, as it is undeniably the best team I have ever worked with.
Q: As you have quite the experience with working in the data protection field, what are some of the most common challenges that companies face regarding this matter?
If I had been asked this question 15 years ago, I would have probably thought of 2-3 challenges, but now, the situation is more complex. The landscape of data protection has evolved significantly over the last 15 years, and many factors influence companies’ decisions to face challenges in this area. A primary challenge facing companies worldwide is the rapid evolution of privacy legislation. The European Union’s AI Act, adopted in 2024, represents perhaps the most significant regulatory shift in recent years. This groundbreaking legislation imposes strict requirements on companies developing or deploying AI systems, including mandatory risk assessments, transparency obligations, and robust data governance frameworks.
Based on our experience over the past year, data subject access requests (DSARs) have become increasingly common, presenting a significant challenge for companies. It shows that individuals have become more aware of their rights, and more respectful of their privacy. This evolution demands that businesses not only allocate more resources but also implement streamlined processes to ensure timely compliance with privacy regulations and consumer expectations.
Q: What advice would you give to individuals and organizations for protecting their personal data and managing it responsibly?
To be honest, protecting personal data isn’t exactly thrilling all the time. But neither is having an identity stolen or watching a company’s sensitive information splash across headlines. Individuals and companies share the responsibility when privacy protection is concerned.
Individuals have to be more aware of the digital footprints they leave, so the first line of defense is using strong, unique passwords and multi-factor authentication. The next one is making conscious decisions about sharing personal data. While many websites, social media, and applications are great for keeping up with friends, receiving news, and entertainment they are also a goldmine for scammers. Also, we all need to understand that carefully reading Privacy Policies and Terms of Use is crucial before we click the “I agree” button. Knowing exactly what we have consented to is what will help us understand our rights and make us capable exercise them appropriately.
Companies need to understand that protecting personal data isn’t just an IT issue or a legal requirement. It’s a fundamental business practice that touches every part of the business and it should be treated that way giving it the attention, resources, and priority it deserves. The privacy landscape keeps shifting and new privacy laws are taking effect throughout 2024 and 2025. Regular audits aren’t optional anymore, they need to be scheduled regularly to assess the gaps in the security and incident response plans. Keeping detailed records of security measures, training programs, subject access requests, and any incidents is crucial.
Privacy isn’t just about avoiding fines or lawsuits. It’s about building trust with customers, partners, and employees. When people know that a company takes their privacy seriously, they’re more likely to stick with that company for longer.
Q: If you could choose one hobby or activity to relax after work, what would it be and why?
I have to admit, this one took me the longest to answer 😊 Maybe because I want to do so much in a short time. Once I clock out, the real juggling act begins. Between shuttling my daughter to her activities and squeezing in my hobbies, the evening hours slip away. My free time is almost always for friends and socializing. Lately, I catch myself running late-night movie marathons, I guess this is my guilty pleasure even though my morning self rarely thanks me for it 😊 I promised myself that I would travel more this year, so these days I spend some time browsing and planning my “me-time”.
Elena brings a wealth of knowledge and experience to the team, always ready to share her insights and lend a helping hand. Her support and dedication haven’t gone unnoticed—they’ve made a real impact on both her colleagues and clients.
To learn more about our incredible team and how they make GDPRLocal what it is today, be sure to check out our team blogs!