Data Privacy and Security

Key Responsibilities:

• Identify compliance review requirements in coordination with the DPO and conduct periodic reviews.
• Periodically update data privacy and protection policies and procedures in alignment with applicable laws and regulations.
• Identify privacy training needs and develop training programs aligned with data protection laws, obtaining required approvals.
• Conduct periodic training sessions with HR and department-level Privacy Champions to drive privacy awareness.
• Maintain records of processing activities for all personal data processing operations.
• Conduct Privacy Impact Assessments (PIA) and Data Privacy Impact Assessments as required; update the Privacy Risk Register and report delays to the DPO.
• Assist Legal and Business Owners in drafting privacy notices, cookie policies, consent banners, and related privacy documentation.
• Promote Privacy by Design principles and support business owners, technology teams, and IT stakeholders.
• Handle data subject rights requests, maintain the request register, and ensure proper communication of responses.
• Ensure Third Party Risk Management procedures comply with relevant privacy regulations.
• Assist Procurement in conducting third-party risk assessments, negotiating agreements, and performing privacy-related due diligence.
• Conduct due diligence on third-party privacy and data protection practices, establish Data Processing templates, and verify contractual guarantees.