Domaine: Systèmes d'Information

Type d‘emploi: Temps plein

Ville: Shanghai - Shanghai

Pays/Région: China

COUNTRY Data Protection officer

 

 

The country Data Protection Officer is responsible for implementing locally Group’s personal data protection policies and processes, for employees, consumers and service providers, in compliance with local law.  

 

 

RESPONSIBILITIES:

 

  1. Implement locally the Group Data Protection Governance program

 

  • implement data protection policies (in compliance with local regulations);

  • adapt procedures to ensure Group policies are effective (including privacy impact assessments, data subjects complaint handling procedures,…);

  • adapt standard data protection clauses for consumers, clients, service providers;

  • ensure with IT security that relevant measures guarantee compliance with data protection policies and procedures;

  • report to local Management and Group DPO on the data protection program implementation.

 

  1. Ensure local entity’s compliance on data protection

 

  • ensure documentation of processings incl. maintain a data protection register;

  • cooperate with the Data Protection Authorities and act as its contact point for any related privacy issues ;

  • review data protection clauses in customers’ and providers’ agreements;

  • assess internal tools’ privacy impact and make recommendations to ensure tools’ compliance

  • inform employees’ representatives or obtain their prior approval, with HR’s support ;

  • handle data breaches’ crisis situation with Group DPO and other relevant functions;

  • ensure that data subjects’ requests are handled adequately and in a timely manner;

  • inform country Management and Group DPO of new regulations which may impact activities.  

 

  1. Raise internal awareness

 

  • train all entity’s employees;

  • communicate internally regularly;  organize events, such as a “Data Protection Day”;

  • monitor the local evolution on data protection (participate to conferences and training)

 

 

Required SKILLS:

 

  • knowledge of local data protection law, regulations and practices;

  •  experience in working with Data Protection Authorities;

  •  understanding of IT challenges and business stakes

  • communication skills;

  • ability to manage projects;

  • ability to influence key stakeholders and manage relationships.