Data Protection Officer
Objective: To ensure our compliance with GDPR and local data protection laws, monitoring our adherence to GDPR standards and acting as a point of contact with supervisory authorities, suppliers, clients and data subjects. You will also create, implement and monitor relevant processes and policies that enforce compliance with legislation and deliver Information Security training to our staff to increase awareness of data protection measures.
- Act as more2’s point of contact for all data protection matters (including contact with data subjects, clients, suppliers, supervisory authorities and internal teams)
- Ensure all Subject Access Requests, right to erasure requests and queries are responded to appropriately within legal and internal timeframes
- Build and maintain an in-depth understanding of more2 technical infrastructure and operational processes in relation to the processing of personal data and assess their effectiveness in mitigating any data protection risks.
- Undertake regular audits of these operational processes to ensure that the controls in place are still effective, escalating concerns and providing guidance were possible
- Proactively identify and manage risks throughout more2 to reduce the probability and impact to an acceptable level
- Drive continuous data protection improvement within more2 by constructively challenging existing processes and procedures and advancing the more2 ISMS over time through training, testing, monitoring and improving systems / processes.
- Take an active role in and provide advice on how to conduct Data Protection Impact Assessments (DPIAs)
- Manage security and data incidents swiftly and effectively with minimal damage to more2, employees, client or other interested parties’ reputation
- Work with third-party stakeholders (including business partners, sub processors, suppliers, service providers and IT product vendors) to ensure that they clearly understand and comply with more2's privacy requirements.
- Attending Senior Team and more2 Holdings Board Meetings when requested to do so to report on data protection issues.
- Take ownership of those areas of the more2 risk register specifically related to data protection
- Participate in meetings with managers to ensure privacy by design at all levels
- Liaise with other organisations that process data on our behalf
- Own the relevant information security policies and play an active role in the approval process for all other information security policies
- Provide detailed guidance on how to deal with security events, incidents and breaches following up on any breaches to ensure more2 takes appropriate action
- Provide training on Information Security and GDPR compliance for employees
- Follow up with changes in law and issue recommendations to ensure compliance
- Monitor more2’s compliance with our obligations outlined in data processing agreements in place with clients and suppliers
- Ensure Data Processing Agreements are in place before any data is received or sent to third parties
· Experience in data protection and legal compliance
· Solid knowledge and understanding of GDPR and national data protection laws
· Knowledge of data processing operations in the company’s sector is preferable
· Familiarity with computer security systems
· Ability to handle confidential information
· Ethical, with the ability to remain impartial and report all non-compliances
· Organisational skills with attention to detail
· Excellent interpersonal skills
· Proactive and with a passion for the role
· Excellent communication skills
· Ability to troubleshoot, work under pressure, with changing priorities, and to tight deadlines
· Willing to be flexible when required in terms of work schedule
· Ability to work under own initiative but possess strong teamwork qualities
Who are more2?
We are the marketing science people - helping our clients make more confident and informed marketing decisions.
Our clients demand the best from us and we take our promise of helping them be more successful very seriously. That means we are constantly learning, experimenting and have to be at the forefront of marketing science. We innovate, are constantly curious and build partnerships with our clients that last decades. It is personal. And it’s incredibly rewarding, knowing your hard work has helped a client achieve results they didn’t realise was possible.
Our Company Benefits:
- Annual Season Ticket Loan
- Cycle to Work Scheme
- Subsidised Gym Membership
- Support on Professional Qualifications
- "Skint Nights" - monthly social event
- Birthday Brownies & Gift
- Loyalty Holiday (Extra Day for every year after 2+ years, up to 5 extra days)
- Summer Working Hours
- Summer Day Out
- Christmas Party