Data Protection Associate

Data Protection (GDPR) associate

1. Policies and Procedures

- participate to the drafting and implementation of the group policies and guidelines on data protection;

- monitor actual implementation and compliance with policies, contractual obligations and applicable laws and regulation (audits, etc.);

- maintain the data processing register for controller activities;

- participate to the review and implementation of the group IT and security policies in coordination with the IT/CSO functions.

2. Risk assessment and mitigation

- define the implementation program of privacy by design measures for data controllers’ and data processors’ activities;

- assist business owners in conducting privacy impact assessment for controller and processor activities;

- participate in the management of data breaches with the support of the cybersecurity organisation and monitor the data subjects’ rights handling procedure.

3. Culture and communication

- key contact person and good relationship with the competent data protection authority;

- deliver training to all functions and business teams;

- create and animate a local privacy champion organisation in all functions and business units;

- raise awareness via internal communications and present the company externally as DPO (external events);

- participate to workstreams in a global data protection network.

Language:

- English, French would be recommended.

Applications:

- Good working knowledge of MS Office (Visio and Excel).

Other:

- Good problem solving and presentation skills;

- Good knowledge of Project Management methodology and ITIL framework and processes;

- Good team player with an ability to become a coach;

- Fast learner who enjoys and embraces change being driven by the strive by continuous improvement;

- Mobility within geography (flexible to travel).