Ensuring setup and execution of a Privacy Monitoring Program, in order to prevent, detect and report data protection risks, stimulate solutions and taking part in the execution of corrective actions. Contributing in setting up and maintaining the privacy practice, supporting the organization in its Privacy Compliance Journey contributing to implement the Privacy Control Framework and monitoring progress.
– Being responsible for designing a worldwide Privacy monitoring program, ensuring it remains up-to-date and adapted to the Company and Privacy Office circumstances / instructions, ensuring it is consistent with the Company Compliance monitoring standard
– Being responsible for planning the execution of the monitoring testing activities, including, among others and for example:
– Privacy Risks, identifying flags and managing up when necessary
– Privacy Assessments
– Binding Corporate Rules implementation
– Being responsible for performing the monitoring and testing activities through regular and ad-hoc tasks, both independently and in cooperation with the other members of the Privacy Office
– Being responsible for executing the monitoring of the evolution of privacy and data protections laws and regulations applicable to the organization, both independently and in cooperation with the other members of the Privacy Office
– Being responsible for building and keeping up-to-date a Privacy Monitoring Dashboard
– Being responsible for creating reports of completed and ongoing monitoring and testing activities both at country level and at group level
– Being responsible for updating stakeholders on the progress of activities and findings with reports, meetings and presentations and escalate significant findings to the Chief Privacy Officer
– Being responsible for supporting the internal and/or external Audit team(s) in the preparation and execution of the periodic Privacy audits and being in the lead for triggering the execution of potential remediation actions
– Contribute to the work of the Privacy Office in any other ways reasonably expected, including implementing Privacy Controls Framework, participating in projects/programs and workgroups and assisting with other priorities
– Periodically monitoring maturity level with regard to the areas of responsibility
– Carrying out Awareness activities with regard to the areas of responsibility
– Periodically reporting to the Chief Privacy Officer with regard to the areas of responsibility
There are several challenges/ issues facing the members of the Privacy Office in their role mainly relating to:
– Complexity of the global Privacy regulations – The Privacy domain has been constantly evolving all around the world and this is a company spread all around the globe. This makes the understanding, connection and operationalization of the different privacy requirements challenging and strategically important for the privacy compliance journey.
– Complexity of the organization – The organization is a fast growing and fast paced organization. This puts the management of the cross-boarder transfers of personal data within and outside of the organization constantly at the top of the privacy list.
– Fines and Consequences for Non-compliance – The organization must be able to demonstrate to the internal & external auditors and potentially privacy authorities that a privacy practice is in place, that the internal and external responsibilities are assigned and fulfilled, in order to mitigate the risks of not being compliant with internal and external privacy laws and regulations.
– Privacy culture – The organization is developing a privacy culture, gradually growing embedding privacy in the daily operations. The growth of the Privacy Maturity level is strictly related to the spread of privacy culture all around the organization.
– Personal Data Breaches – This organization processes an important amount of personal data, in cooperation with its data processors. Making sure that the data is adequately protected and that the potential personal data breaches are promptly and correctly addressed is key in order to mitigate the risks of non-compliance.
The key decisions a Privacy Monitoring Officer will need to make include:
– Prioritize Privacy Monitoring Planning planning, based on the Privacy Strategy and Privacy Control Framework
– Connect with the stakeholders being capable of getting them onboard and engaged
– Be structured, factual and practical when planning and reporting
– Escalate the issues at the adequate identifying adequate timings
– Build and maintain strong and positive relations with the relevant stakeholders
– Be capable to set and implement the role that the Privacy Office wants to play within the organization
The whole organization is part of the Privacy Office stakeholders. Every and each department, business, country, region may seek for privacy advices and/or being involved in privacy programs / projects.
The main stakeholders to team up with will be:
– Members of the Privacy Office / Privacy Network
– Employees, suppliers, customers, and other third parties, whose personal data we process;
– Senior executives (BoM, ExCom, and Supervisory Board) who are accountable for the development, execution and oversight of our privacy compliance program. They also set the ‘tone at the top’;
– The business (e.g., HR, IT, Info Sec, Corp Legal, Strategic Sourcing & Procurement, Sales, CS, etc.) and other team members who rely on our expertise and advice, Business unit representatives help ensure that privacy practices are being implemented and followed across the business and that the privacy team is aware of any privacy issues that arise within the business.
– (external) Privacy authorities and regulators, who have oversight of our privacy management practices and can issue fines and other penalties up to 4% of our global annual turnover.
The ideal candidate should have:
– 2+ years experience on Privacy
– Autonomy and ability to organize and prioritize high workload
– Understanding of Privacy related matters and the main Privacy processes
– Knowledge of audit/testing methodology
– Strong business orientation and flexibility
– Excellent planning and organizational skills
– Team-spirit, collaboration skills and ability to connect people and gain trust
– Excellent written/verbal communication and presentation skills. Fluency in English and preferably one other language
– Quality and risk-management orientation
Context of the position
The Privacy Office is part of the Privacy Practice, based on a dual-layers organization, composed by the Privacy Office itself and by the Privacy Network. The Privacy Office acts as focal point for all the privacy and personal data protection matters within the company and has the main duties to:
– define the Privacy strategy and framework, leading and overseeing its group-wide implementation,
– advise management on privacy and personal data protection related risks (i.e. through DPIAs),
– define privacy controls / actions and monitor their implementation,
– define and monitor the privacy awareness program,
– handle privacy related requests and personal data breaches,
– launch and coordinating specific special programs and projects.
The pending approval of the organization her Binding Corporate Rules (BCRs), relating to the international transfer of data, will expand the scope of the personal data protection legal requirements to other regions and additional stakeholders (employees and business partners) in these regions. This may lead to an increased workload within the Privacy Office
Solliciteer in vier simpele stappenReply now Op naar de ideale match!
1 van 4Vul je gegevens in
Via onderstaande knop kun je je gegevens achterlaten en je CV uploaden.
2 van 4Wij nemen contact met je op
In een eerste kennismakingsgesprek spreken we je wensen door, je ambities en drijfveren.
3 van 4Persoonlijk gesprek
We stellen je voor aan de klant, je wordt uitgenodigd voor een persoonlijk gesprek.
4 van 4Contract besprekingen
Bij een match bespreken we samen met jou en de klant alle details door.