Data Protection Supervisory Board (DPSB)

Ms Besa Velaj-Tauzi is a legal professional with extensive experience, acquired during her engagement in private and public sector. Formerly she has been part of one of the biggest law firms in Albania where she has specialised inter alia in commercial and data protection law. In 2017 she has joined the office of the Information and Data Protection Commissioner in the position of Advisor. Since 2021 she holds the position of the Director of Cabinet of the Albanian Information and Data Protection Commissioner. Her responsibilities include monitoring the fulfilment of tasks and duties assigned by the Commissioner, ensuring timely performance of all tasks and collecting information, progress reports, remarks or recommendations on the fulfilment of the tasks and objectives.

Mr Kapllani is presently the Director of the Cyber Security Analyses, Governance, Risk and Audit Directorate at the Albanian National Cyber Security Authority. Prior to this role, he headed the Cyber Security Governance and Audit Unit at the National Authority for Electronic Certification and Cyber Security (AKCESK) for six years, following his tenure as an expert auditor at the same organisation. Mr Kapllani possesses extensive experience in conducting thorough information security audits for Critical Information Infrastructure Operators, utilising the ISO 27001 framework to ensure robust security controls and personal data protection.

Ms Ines Walburg is Head of a Division at the Hessian Commissioner for Data Protection and Freedom of Information since 2019 (Germany). In her role, she is mostly involved in data protection matters for the police, judiciary, protection of the constitution and lawyers. Ms Walburg participates in national working groups and EU evaluation and review missions. She represents the German Länder data protection supervisory authorities in various European working groups, i.e. in a European Data Protection Board expert subgroup and in supervision coordination bodies. She has a strong expertise in personal data protection audits and consultations, legislative processes, and provides advanced data protection training. She is also a speaker at conferences on data protection issues.

Mr Mathias Gisch is currently Head of Division and Deputy Data Protection Commissioner at the Saarland Region Data Protection Office (Germany). With a legal career starting in 2008 and a focus on IT-law, Mr Gisch oversees how authorities handle personal data for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties and has a strong expertise in international data transfers and law regarding administrative offences.

Mr Grigor Nersisyan is the Head of the Personal Data Protection Agency of Armenia. He has been serving in this role since October 2023. Mr Nersisyan is responsible for managing and coordinating the work of the Agency, conducting audits and due diligence to ensure compliance with data protection laws; he handles communications with government, international organisations, industry, civil society on data protection issues. He also provides legal opinions on data protection matters. Mr Nersisyan has a strong academic background and has authored numerous scientific articles and two handbooks.

Ms Marina Altunyan is a senior lawyer at the Personal Data Protection Agency of Armenia since September 2024. She is responsible for providing legal opinions to private and public sector entities on matters such as contracts, privacy policies and compliance with personal data protection regulations. She has experience in exercising data protection impact assessments, mitigating personal data processing risks and analysing new draft regulations concerning personal data protection. Ms Altunyan acted as a Data Protection Officer for several organisations since September 2022.