GDPR Data Protection Officer Job Description

Job Brief

We are looking for a Data Protection Officer (DPO) to ensure our company is compliant with the General Data Protection Regulation (GDPR.)

The DPO will report to our senior management. Data Protection Officer responsibilities include advising on our compliance with GDPR and local data protection laws, monitoring our adherence to GDPR standards and acting as a point of contact with supervisory authorities and data subjects. You will also create policies that enforce compliance with legislation and deliver GDPR trainings to our staff to increase awareness of data protection measures.

To be successful in this role, you should have in-depth knowledge of GDPR and local data protection laws and be familiar with our industry and the nature of its data processing activities. You should also know how to perform audits to our current procedures.

Ultimately, you will facilitate GDPR compliance through transparent data protection policies, systems and procedures.

Responsibilities

• Act as point of contact with EU residents, supervisory authorities and internal teams
• Identify and evaluate the company’s data processing activities
• Provide advice and instructions on how to conduct Data Protection Impact Assessments (DPIAs)
• Monitor data management procedures and compliance within the company
• Participate in meetings with managers to ensure privacy by design at all levels
• Maintain records of processing operations
• Ensure we address all queries from data subjects within legal timeframes (e.g. delete their information from our databases)
• Liaise with other organisations that process data on our behalf
• Write and update detailed guides on data protection policies
• Perform audits and determine whether we need to alter our procedures to comply with regulations
• Offer consultation on how to deal with privacy breaches
• Arrange for training on GDPR compliance for employees
• Follow up with changes in law and issue recommendations to ensure compliance

Requirements

• Experience in data protection and legal compliance
• Work experience in data protection and legal compliance is a plus
• Solid knowledge of GDPR and national data protection laws
• Knowledge of data processing operations in the company’s sector is preferrable
• Familiarity with computer security systems
• Ability to handle confidential information
• Ethical, with the ability to remain impartial and report all noncompliances
• Organizational skills with attention to detail