Regional Data Privacy & Compliance Counsel (m/w/d)
Under the direction of the Director, Global Compliance, this position has responsibilities in two aspects:
Ensure YFAI compliance with EU GDPR and other data privacy laws where applicable;
Ensure global compliance activities are executed in the region.
- Closely work with the Director, Global Compliance, to design and implement the Data Privacy Compliance Program with priority to EU GDPR compliance and expansion to data privacy laws in other jurisdictions based on risks.
- Act as the focal point for data privacy related matters and provide timely and practical advice to the business in the region.
- Manage the Data Privacy Compliance Program using OneTrust system.
- Lead the Data Privacy Office including representatives from HR, IT and IT Procurement.
- Support business and IT owners to complete privacy assessment in the implementations of new IT applications.
- Support business and IT owners to complete the privacy assessments for legacy IT applications and personal data processing activities. Support
- country Data Protection Officers to fulfill their tasks required by law in the EU region.
- Work with cross-functional stakeholders to complete questionnaires, including PIA and DPIA for assets or processing activities and ensure records are complete and update in OneTrust.
- Negotiate, draft and execute privacy provisions in the contracts with third party vendors.
- Work with functional stakeholders and provide advice to support the launch and/or maintenance of business activities related to personal data, e.g. facility camera system, website, etc..
- Manage the Data Privacy Compliance program and track the implementation status with regular update to the Director, Global Compliance.
- Support, coordinate and perform data privacy trainings. Work with HR to ensure completion. Design e-learning module when necessary.
- Review the existing data privacy BOS or create new BOS when necessary.
- Lead the data privacy audit activities as requested by third party audit firm or government authority.
- Use Nymity to track the law developments in the data privacy area globally where YFAI operates, particularly GDPR in EU.
- Closely work with the Global Compliance team to implement the Global Compliance Program initiatives in the region.
- Collaborate with stakeholders in the region in identifying barriers to compliance implementation and assist in removing barriers to ensure program implementation success.
- Closely work with the regional communications team to ensure the effective and regular promotions of the Culture of Integrity.
- Coordinate Integrity and Compliance training logistics (besides Data Privacy). This includes deployment and management of e-learning and face-to-face trainings and workshops planned as part of the Global Compliance Program.
- Appropriately store and record the Compliance Program related evidences (besides Data Privacy), which include training, communications and investigations records.
- Support and/or lead in the regional Compliance investigation projects and provide updates to the Global Compliance team and regional leadership.
German Bar qualified (2. State examination in law).
3-5 years PQE in legal or compliance areas.
Experience of working with cross-functional stakeholders, e.g. legal, Purchasing, IT, HR.
Program management skill or experience is a plus.
Experience in manufacturing or automotive industry is a plus.
High ethical and integrity standard.
Knowledge of GDPR and the related Data Privacy laws and regulations, particularly in the EU region.
Excellent interpersonal skills in both written and oral communications.
Abilities of drafting and negotiating appropriate privacy provisions in vendor contracts.
Abilities of finding practical, pragmatic and creative solutions to compliance matters.
Capable of influencing others and facilitating change management.
Proficient in Microsoft office, powerpoint, excel and word.
läuft aus am