Data Protection Officer

A hands on Data Protection Officer role focused on working with product and transformation teams to educate on and ensure compliance with GDPR and other international data protection regulations. Define and drive data protection strategy, identifying gaps and working on implementation.

Client Details

This Data Protection Officer role is based in London.

The company recruiting for this Data Protection Officer role is a successful, global platform, specialising in exhibitions, events and conferences.

The business is undergoing a large digital transformation, with the creation of a new global platform, making the role of Data Protection Officer even more pivotal to the business.

Description

This Data Protection role is based in London and involves:

Using systems and platforms that connect customers comes with the responsibility of protecting data and privacy. We are committed to ensuring that all our customers' data is protected, and that our work complies with all applicable data protection legislation wherever in the world we do business. The same objective applies to the use and handling of internal data about our people and our business and operations.

We're seeking a Data Protection Officer to lead our global efforts in making data ethics and protection part of our DNA and in so doing, act as the main point of contact for data protection authorities we engage with globally, as well as instilling and promoting a culture of data protection compliance within the organisation.

The role will see you providing specialist advice including ensuring compliance with data laws and privacy regulation; the creation of best practice governance systems, policies, processes and organisational requirements; consumer privacy, privacy ethics; data governance structures, data loss and breach prevention and cross-border data flows. The DPO will work closely with the Head of Data and Head of Business Systems and will need to be solution orientated to ensure that business requirements are met.

KEY RESPONSIBILITIES

• Fulfil the tasks of the designated role of DPO as defined by Article 39 of the GDPR
• Act as the primary point of contact on issues related to data protection and data privacy for the organisation globally
• Advise on key strategic Group projects from a data and privacy point of view in order to address the need for "data by design" within the organisation on transformational activities
• Evaluate the control and processing flows of the organisation and undertake any necessary actions arising from this
• To develop or advise on the development and establishment of policies, procedures and other measures to ensure compliance with (amongst others) theGDPR andDPA including but not limited to:
  • Records of processing activities
  • Data protection by design and default
  • Data protection impact assessments
  • Fair processing
  • Intra-group data transfers and data sharing
• Critically evaluate the existing data protection and privacy frameworks and identifying areas of non or partial compliance and rectification of any issues
• Promote a culture of data protection and privacy compliance including the management and handling of any actual or suspected breach
• Proactively conduct audits and undertake regular testing to ensure compliance and address potential issues
• Maintain (or oversee the maintenance of) all legally required / necessary records of data processing activities carried out
• Serve as the point of contact for the data protection authorities it engages with in its operating markets
• Provide full-service support to the Group's legal teams in UK and Russia on regulatory and contentious matters from time to time
• Ensure distinct SLA's are established in order to address data subject access requests and internal business requests (as the case may be)
• Dealing with data breaches in accordance with prevailing law, best practice and our policies and procedure
• Ensuring appropriate governance and reporting on data management and protection to ensure that senior management and Board members has a thorough understanding of the position.
• Keep abreast of legislative changes around the world

Profile

This Data Protection role is based in London and requires:

• Five+ years of experience working in data protection compliance (candidates with more or less experience who meet the role's technical requirements will also be considered)
• Expertise in European data protection laws and practices as a minimum (experience of Russian data regulatory practices as well as other markets would be welcomed but not essential)
• Experience and working knowledge of privacy regulation and data protection technology
• Understanding of the wider data protection and privacy market
• Experience in training, leading, managing and coaching others in matters relevant to data protection and privacy laws
• Experience within a legal, audit and/or risk function department
• Experience fostering a data protection culture embedding a depth of understanding across all levels of the organisation
• Ability to manage multiple wide-ranging data compliance matters with multiple stakeholders
• Proven ability to manage and complete complex projects across multiple business units and the commitment to work collaboratively with numerous stakeholders at all levels throughout the organisation.
• Demonstrated ability to identify, prioritise and resolve issues promptly and effectively in a commercial and practical manner

Job Offer

Please submit application for full details