Duties:
- Serve as the main point of contact within the organization for staff members, regulators, and relevant public authorities on issues related to data protection.
- Ensure that company policies are in compliance with codes of practice such as GDPR (General Data Protection Regulation).
- Evaluate the existing data protection framework to identify areas of no or partial compliance, and rectify any issues.
- Devise training plans and provide data protection advice to staff members.
- Inform and advise the data controller or data processor on all matters related to data protection.
- Promote a culture of data protection and compliance across all units of the organization.
- Provide expert advice and educate employees on important data compliance requirements.
- Oversee all data protection agreements and clauses, ensuring alignment with regulatory requirements such as GDPR and company policies.
- Draft new and amend existing internal data protection policies, guidelines, and procedures, in consultation with key stakeholders.
- Deliver training across all business units to staff members who are involved in data handling or processing.
- Conduct audits to ensure compliance and to address potential issues.
- Maintain records of all data processing activities of the company.
- Serve as point of contact for data protection authorities.
- Two or more years of experience in data protection compliance or related field.
- Proficiency in conducting Data Protection Impact Assessments (DPIAs) to assess and mitigate risks associated with data processing activities.
- Expertise in data protection laws and practices, including deep understanding of GDPR.
- Experience in a legal, audit, or risk management role.
- Ability to work effectively under pressure and to manage sensitive and confidential information.
- Excellent verbal and written communication skills, with strong attention to detail.