After a two-year gap in the date, the Data Privacy Day 2025 returns on the exact day of the Data Protection Day which is held every year on 28 January. The Data Privacy Day 2025 will take place on Tuesday 28 January 2025, from 09.30 in Esch-Belval.
New in 2025! Data Privacy is now a one-day event with additional conference sessions.
Data Privacy Day 2025 is organised as a hybrid event. You can attend the event live or remotely.
The theme for the 2025 event is ‘Riding the waves of new data protection challenge’
Conference sessions
As of 17 January 2025
09.00 – On site registration
09.15 – Opening of the online event
09.30 – OPENING SPEECH – ‘The GDPR 6 years in – where do we stand?’
by a representative of DG JUST from the European Commission
10.00 – ‘Risk management in privacy: a share perspective of DPO & CISO of the University of Luxembourg’
by Laurent Weber, Chief Information Security Officer, and Sandrine Munoz, Data Protection Officer, University of Luxembourg
Read about the session summary
We will discuss the collaboration between the Data Protection Officer (DPO) and the Chief Information Security Officer (CISO) of the University of Luxembourg to illustrate how we handle this in our daily work. This will be highlighted with various examples of our joint efforts for the greater good. Additionally, we will provide a detailed look at how we manage risks together.
10.30 – ‘Responsible digital transformation and innovation: An overview of the tools made available by the CNPD’
by Jérôme Commodi, Legal Counsel and Project Manager, National Commission for Data Protection
Read about the session summary
The CNPD will present the six tools designed during these last 20 months to meet the diverse needs of controllers and processors, ranging from start-ups and small businesses to large organizations, and cover various aspects of GDPR compliance. These six essential tools are helping and will continue to help SMEs and individuals navigate the complex data protection landscape.
11.00 – Coffee Break
11.30 – ‘Privacy and the promotion of access to data under the EU Data Act’
by Mickaël Tome, Partner, Togouna & Tome Avocats
Read about the session summary
The EU Data Act is a pivotal regulation which aims to harmonise rules on access, use and sharing of data generated from a broad range of products and services, including connected objects (“IoT”). It builds on the rules of the General Data Protection Regulation (GDPR), but their objectives differ and they complement each other. Mickaël Tome will present key points of the EU Data Act (and their impact on Luxembourgish and European businesses) and discuss some aspects of the interplay between this new legal framework and GDPR rules.
12.00 – Session n°4
by Guillaume Pourquie and Jean-Luc Tessier, Association supDPO
12.30 – Lunch Break
14.00 – ‘Ensuring Compliance: Data Protection Laws and Risk Assessment in Research’
by Francesco Vigna, Data Protection Officer, Luxembourg National Data Service
Read about the session summary
Risk assessment is a crucial aspect of data protection law compliance. It involves evaluating the potential risks that the processing of personal data may pose to the rights and freedoms of data subjects. This process includes identifying and analyzing the likelihood and impact of various risks and, consequently, selecting appropriate measures to mitigate these risks. The GDPR, along with other regulatory frameworks, makes risk assessment essential for achieving and demonstrating compliance.
14.30 – ‘Ethical AI and evolution’
by Michael Hofmann, President of APDL, and Shariq Arif, APDL Board member, Association pour la Protection des Données au Luxembourg (APDL)
Read about the session summary
The session is addressed to Data Protection and Cyber professionals and includes selected day to day AI challenges for DPO’s and CISO’s and next steps.
15.00 – End
Exhibition (only for live participants)
As of 14 January 2025
In parallel to the conference, the event includes an exhibition area. This area can only be accessed by attendees physically joining the event.
- ‘Association pour la Protection des Données au Luxembourg (APDL)’ – Luxembourg Data Protection Association activities (Learn about the collaboration of APDL with other professional organisations within Luxembourg and Europe).
- ‘BEE SECURE‘ – Awareness raising on cybersecurity basics.
- ‘Digital Learning Hub / 42 Luxembourg‘ – Professional trainings in cybersecurity offered by the Digital Learning Hub & 42 Luxembourg.
- ‘The European Commission‘.