Data Protection Specialist
Unilabs Slovensko, s. r. o.
Place of workBratislava, Slovakia
Wage (gross)2200 eur/month
Job description, responsibilities and duties
In this role you will have a key role to play in the running and support of our Data Protection Unit (DPU). Our team is at the heart and start of all effective data protection controls and decisions, providing vital data protection oversight and management for all our operations across every Unilabs country.
You should enjoy a challenging, dynamic environment, be a self-starter and have worked in data protection either directly in industry or in professional services. Successful candidates will have a genuine passion for data protection and enjoy providing practical advice and hands on solutions in meeting regulatory and standards-based challenges, in particular for GDPR. You will be able to demonstrate excellent problem solving and communication skills. A naturally inquisitive person with a keenness to learn and broaden skills with a stakeholder-centric ethic.
As a data protection specialist and member of the DPU you will report to the DPU manager and provide support as required to the Group Data Protection Officer (DPO). Your role will support us in ensuring Unilabs continues to meet its data protection legal and regulatory obligations. The successful candidate must have a strong understanding of the General Data Protection Regulation ('GDPR'), while exposure to other global data protection laws would be a distinct advantage.
There is a significant advisory and cross-functional business partnering component to this role, with the successful candidate able to articulate thoughts clearly, plan initiatives, and execute with appropriate prioritisation and urgency. The successful candidate will demonstrate drive, intelligence, maturity, and energy and will be a proven change agent.
• Responsible for
o maintaining and managing the data privacy controls supporting Unilabs' Data Protection Operating Model, supporting people, process and technology related to data protection.
o Coordination of our geographically dispersed Local Data Protection Coordinators (LDPCs)
o The process for ensuring the management and mitigation of all key data protection risks throughout Unilabs.
• Support business stakeholders and LDPCs in understanding and maintaining
o the Data Processing Inventory (DPI) / Records of Processing Activities (RPA) including identifying the need for Legitimate Interest Assessments (LIAs)
o key policies and their enactment locally such as: Consent management; Complaints management; Retention management etc.
o local risk registers
• Ensure the business manages and responds to Data Subject Rights Requests and Personal Data Breaches in line with internal policies, regulatory requirements and timelines.
• Assist the DPU manager in
o managing leading and lagging metrics in the management of the DPU.
o developing and maintaining data protection policies, standards, processes, notices, and guidelines.
o interactions with the relevant Data Protection Authorities, where required.
• Work with procurement and other sourcing functions to oversee the operation of Vendor Risk Management and Due Diligence processes for requirements such as transfer impact assessments, need for specific transfer mechanisms (e.g. SCCs), data privacy risk assessments etc.
• Champion a data protection culture of Privacy by Design and Default throughout the business.
• Oversee, identify, track and assist, as necessary, the execution of Data Protection Impact Assessments (DPIAs).
• Support the DPO and DPU in championing a data protection culture by means of
o Privacy by Design and Default
o Data Protection awareness at all levels of the organisation
o Supporting the delivery of appropriate data protection general and specific training throughout the business.
• Participate in Data Protection projects and related programmes
• Keep up to date with key developments in data protection.
Employee perks, benefits
• International and multinational projects
• Interesting trainings sessions
• Very positive and friendly working environment
• Prestigious offices (no open space)
• Home-office 2 days per week
Requirements for the employee
Candidates with education suit the position
University education (Master's degree)
The position is suitable for a graduate
Personality requirements and skills
ESSENTIAL EDUCATION, QUALIFICATIONS AND SKILLS
• Academic and/or professional qualification or experience in data protection law (e.g. CIPP, CIPP, CIPM, CDPO etc)
• Minimum of two years of experience working in the field of data protection/privacy.
• Excellent verbal and written English communication skills including Microsoft office proficiency in Word, Excel and PowerPoint.
• Experience working in a team and interacting with multiple stakeholders
• Experience with data protection policies, standards, processes, and support models to achieve business objectives.
• Understanding of data protection risk assessments such as DPIAs, TIAs, LIA, etc.
• Strong knowledge of Data Protection regulations, including the GDPR, ePrivacy Regulations.
• Ability to work with various functions to identify feasible solutions to data protection requirements and challenges.
• Experience directly supporting business units on privacy issues is strongly preferred.
Desired but not essential experience:
• Understanding of other data privacy regulations (e.g. CCPA/CPRA, PIPL, LGPD, HIPAA, HITECH, UK GDPR, etc.,) and standards a distinct advantage
• Experience working with data protection systems e.g. OneTrust
• Ideally delivered elements of a privacy related change programme