在30天內,您最多可以申請三個職位。請注意 : 職位一經申請即無法撤回,請審慎選擇符合您期待的職位。您可以在"您的求職空間"查看您已申請的職位。

London
Legal
Full - Time
06-Nov-2020

The Head of Data Protection and UKI Data Privacy Officer (DPO) is responsible for supervising L’Oréal UKI’s compliance with data protection and privacy laws and ensuring consistency and alignment with Group data protection and privacy policies and guidelines. This is a Maternity Cover.

REPORTING LINE

·     Report to General Counsel, L’Oréal UKI.

DIRECT REPORTS

·     Junior Privacy and Digital Counsel will report into this position.

TASKS AND DUTIES

1.     locally set up, drive, implement and maintain data privacy program

·       Lead the Data Privacy Program for L’Oréal UKI, provide expert advice and support across all business areas on data protection and privacy laws, compliance, and best practice.

·       Oversee and support the development and maintenance of data protection policies and guidance.

·       Ensure effectiveness of Group and local data protection policies and procedures (including assisting in data subject requests, personal data breaches and vendors management), and recommending amendments as applicable.

·       Liaise with IT Security to ensure that appropriate security measures/controls are implemented.

·       Prepare, adapt and negotiate standard data protection contractual clauses and processes (including outsourcing and data transfer agreements where applicable) with consumers, customers, employees, and suppliers.

·       Animate a Data Privacy Committee with key local Executive Leadership Team stakeholders (e.g. Legal, IT, Digital, Marketing, HR), and provide updates on business areas impacted by changing laws and guidance.

·       Animate a Data Privacy Network of Data Privacy Champions from across business divisions.

·       Implement, monitor and report on Group and local Governance Programmes.

·       Liaise and coordinate with Group DPO, Head of Data Privacy Zone, and Group Data Privacy stakeholders.

·       Report regularly to Country Management Committee on the Data Privacy program, evolution of regulations and risk exposure.

·       Manage and support the Junior Privacy and Digital Counsel.

2.     Monitor local entity’s data privacy compliance

·       Provide operational guidance to the business on data protection law, compliance, and best practice, including in relation to data sharing, data transfers, privacy by design, data breaches, data subject rights, and marketing.

·       Monitor documentation of processing activities (including addition into the Register of Processing Activities).

·       Cooperate with Data Protection Authority and be its main point of contact.

·       Review and negotiate if need be any data protection contractual clauses with customers and providers.

·       Review and assess local projects for data protection risk, and make appropriate and pragmatic recommendations to ensure data privacy compliance (including supporting on data protection impact assessments).

·       Handle personal data breaches in coordination with relevant functions and Group DPO.

·       Monitor that data subjects’ requests are handled adequately and in a timely manner (including reviewing and updating existing processes).

3.     Raise and maintain internal awareness

·       Plan, manage and deliver training programs for all employees across all levels and business areas.

·       Communicate internally regularly, and organise internal events (such as local “Privacy Days”).

·       Keep up to date with proposed and actual changes in Data Protection Laws or guidance, and update teams as appropriate.

Required SKILLS:

·       Demonstrable experience as a qualified lawyer preferred, but candidates with specific privacy-related qualifications or experience will be considered.

·       Expert knowledge of Data Protection laws, regulations and practices.

·       Substantial experience advising on privacy and data protection in a fast-paced, in-house environment, preferably within Digital/technology/FMCG environment.

·       Confidence and experience to make complex decisions at pace and work with autonomy.

·       Good understanding of IT and Digital challenges.

·       Strong project management skills.

·       Solid communication skills to work in multi-national environments.

·       Ability to influence key stakeholders and manage relationships.

·       Build strong networks with, and gain the trust of, colleagues across local and global business by bringing a confident and solutions-focused mindset.

·       CIPP/E or similar certification would be beneficial.