Brief Role Description
The Specialist: Regional Data Protection Advisor, collaborates with the business to navigate evolving privacy standards and supports the Chief Data Protection Officer in implementing the Data Protection Compliance Management System in the business which includes South Africa and its African Subsidiaries
Possible Tasks within this Role
Contact point for and coordinate Privacy Leads in the business entities regarding Privacy implementation.
Be a privacy subject matter expert and advise the Region Africa entities on privacy and data protection matters for the day to day business including the development of new products, services and initiatives
Attend to data requests by Data Subjects and Third Parties in terms of the Promotion of Access to Information Act (PAIA)
Prepare and Deliver Training to the companies entities about their obligations under the local regulatory requirements, the Company Policy OD 2 and any other applicable EU data protection laws which may have an impact on the Volkswagen operational activities on the African continent.
Support contract negotiations and advise on Data Processing Agreements and Data Privacy Impact Assessments.
Support Data Protection / Privacy Office responsibilities for Privacy by Design of business strategy as well as implementation of necessary technical organizational measures (TOMs)
Conduct gap analysis and develop solutions with the business to remediate any gaps.
Draft and advise on data protection related documentation: privacy notices, policies and procedures and data subject access requests
Exercise judgement and ability to manage competing deadlines
Collaborate with Legal Services to identify privacy related legal issues with potential cross functional impact.
Ensure Privacy by Design processes are embedded into the business
Liaise, partner and act as a contact point for data protection regulatory bodies on matters relating to the processing of personal data and other matters.
Partner with the Chief Information Security Officer and the business to investigate and manage potentional breaches/instances of non-compliance to support prompt and accurate reporting.
Keep abreast of respective (both local and international) regulatory legal developments, trends and guidelines in data and privacy risk. Analyze proposed and (newly) enacted laws, regulations and provide guidance for their impact on the company's existing processes, as it relates to data and privacy risk
Partner with Group Data Protection of the business in order to enable a constant exchange of ideas, developments and trends of all matters regarding data protection and privacy compliance
Qualification requirements
LLB (Bachelor of Laws) or equivalent
Admitted attorney in South Africa
Experience needed
3+ years post admission experience
Essentials
Working knowledge of privacy law
CIPP/E, CIPP/US or similar (preferred)
Experience drafting policies and procedures (preferred)
Strong commercial understanding and excellent interpersonal skills
Must be experienced in use of SharePoint, MS Office (Excel/Word/Powerpoint etc).
Understanding of cross over between legal, IT and data security requirements