Privacy Officer / Data Protection Officer

The Privacy Officer (PO or DPO) ensures that the staff, customers, users, providers, and any other individuals’ data processed by the company, is in compliance to the applicable data protection rules.

Responsibilities of this role include:

  • Ensure that controllers and data subjects are informed about their data protection rights, obligations and responsibilities.
  • Give advice and recommendations to the company about the interpretation or application of the data protection rules.
  • Promote awareness on the importance of data processing within the company.
  • Ensure data protection compliance.
  • Handle queries requested by the institution, the controller, other person(s).
  • Maintain records of all data processing activities.
  • Identify any failure to comply with the applicable data protection rules.
  • Act as the point of contact between the company and the relevant supervisory authority.

Competencies of this role include:

  • Understanding the threats and risks associated with different levels of protection and sharing of information.
  • Understanding the organisation’s operating environment, policies, strategic objectives, and risk profile.
  • Ability to communicate effectively,
  • Ability to develop and manage relationships with internal stakeholders and members of the public.
  • Knowledge of data protection law and practices.
  • Ability to work independently.

Company holding (or in process of obtaining) an ISO27001 certificate, meaning that all team members will need to comply to set Information Security Management System (ISMS) rules and procedures. These rules will be communicated during onboarding and can be subject to change. Yearly, a Security Awareness training is organized for all team members and changes will be internally communicated when needed.