Data Protection Manager for the Data Protection Unit
Unilabs Slovensko, s. r. o.
Place of workBratislava, Slovakia
Wage (gross)3500 eur/month
Job description, responsibilities and duties
In this role you will have a key role to play in the management our Data Protection Unit (DPU). Our team is at the heart and start of all effective data protection controls and decisions, providing vital data protection oversight and management for our operations in all countries.
You should enjoy a challenging, dynamic environment and have strong management skills coupled with experience in data protection gained in industry or professional services. Successful candidates will be experienced in providing practical advice and hands on solutions in meeting regulatory and standards-based challenges, in particular for GDPR. You will be able to demonstrate excellent problem solving and communication skills. A naturally inquisitive person with a keenness to learn and broaden skills with a stakeholder-centric ethic.
The Data Protection Manager will support the Group Data Protection Officer (DPO) and manage the DPU to ensure Unilabs continues to meet its data protection legal and regulatory obligations. The successful candidate must have a strong understanding of the General Data Protection Regulation ('GDPR'), while exposure to other global data protection laws would be a distinct advantage.
There is a significant advisory and cross-functional business partnering component to this role, with the successful candidate able to articulate thoughts clearly, plan initiatives, and execute with appropriate prioritisation and urgency. The successful candidate will demonstrate drive, intelligence, maturity, and energy and will be a proven change agent.
• Responsible for maintaining and managing the data privacy controls supporting Unilabs' Data Protection Operating Model across people, process and technology related to data protection.
• Manage a team (unit) of centralised data protection professionals and geographically dispersed Local Data Protection Coordinators (LDPCs)
• Manage and ensure mitigations for all key data protection risks throughout Unilabs.
• Support business stakeholders and LDPCs in understanding, maintaining, overseeing:
o the Data Processing Inventory (DPI) / Records of Processing Activities (RPA) including identifying the need for Legitimate Interest Assessments (LIAs)
o key policies and their enactment locally such as: Consent management; Complaints management; Retention management etc.
o local risk registers
• Ensure the business manages and responds to Data Subject Rights Requests and Personal Data Breaches in line with internal policies, regulatory requirements and timelines.
• Assist the Group DPO in
o creating and maintaining leading and lagging metrics in the management of the DPU.
o developing and maintaining data protection policies, standards, processes, notices, and guidelines.
o interactions with the relevant Data Protection Authorities, where required.
o or act as delegate for the DPO in the various forums and stakeholder governance meetings
Effectively communicate the status of the Data Protection programme to the Senior Leadership team and other stakeholders;
assist the DPO in managing and reporting on applicable KPIs and metrics.
• Work with procurement and other sourcing functions to oversee the operation of Vendor Risk Management and Due Diligence processes for requirements such as transfer impact assessments, need for specific transfer mechanisms (e.g. SCCs), data privacy risk assessments etc.
• Champion a data protection culture of
o Privacy by Design and Default
o Data Protection awareness at all levels of the organisation
o Ensuring appropriate data protection general and specific training is delivered throughout the business.
• Oversee, identify, track and assist, as necessary, the execution of Data Protection Impact Assessments (DPIAs).
• Lead Data Protection projects and programmes as DPO delegate as required
• Keep up to date with key developments in data protection impacting all our territories.
Employee perks, benefits
• International and multinational projects
• Interesting trainings sessions
• Very positive and friendly working environment
• Prestigious offices (no open space)
• Home-office 2 days per week
Requirements for the employee
Candidates with education suit the position
University education (Master's degree)
The position is suitable for a graduate
Personality requirements and skills
ESSENTIAL EDUCATION, QUALIFICATIONS AND SKILLS
• Professional qualification/certification or experience in data protection law is essential (e.g. CIPP, CIPP, CIPM, CDPO etc)
• Minimum of five years of experience working in the field of data protection/ privacy.
• Self-starter with strong interpersonal, written, and verbal skills in English with a proven ability to educate, inform, negotiate and achieve understanding and consensus on needs across different functions, levels and customers.
• Experience managing a team and multiple senior stakeholders
• Experience implementing data protection policies, standards, processes, and support models to achieve business objectives.
• Experience conducting or overseeing data protection risk assessments such as DPIAs, TIAs, LIA, etc.
• Strong knowledge of Data Protection regulations, including the GDPR, ePrivacy Regulations.
• Ability to work with various functions to identify feasible solutions to data protection requirements and challenges.
• Microsoft office proficiency in Word, Excel and PowerPoint.
Desired but not essential experience:
• Understanding of other data privacy regulations (e.g. CCPA/CPRA, PIPL, LGPD, HIPAA, HITECH, UK GDPR etc.,) and standards a distinct advantage
• Experience working with data protection systems e.g. OneTrust
• Ideally delivered elements of a privacy related change programme
• Experience directly supporting business units on privacy issues is strongly preferred.