Data Privacy Governance
Ensure the organization’s compliance with applicable data protection laws in the markets that the company operates in, including GDPR (where applicable), regional frameworks, and local privacy laws.
Develop and implementing internal privacy policies and procedures that align with legal requirements and industry standards and ensure that the same are updated in line with the set update periods.
Monitor changes in privacy regulations and advise the organization on necessary adjustments.
Keep a record of the business compliance obligations and monitor the compliance obligations including supporting the registration of the Various OpCos as data controllers and data processors.
Data Privacy Management
Regularly test the compliance requirements that are set out in the Privacy policies and Privacy Notices to ensure compliance to the same. E.g. testing of the cookies policy.
Conduct Data Privacy Impact Assessments (DPIAs) to identify and mitigate risks associated with data processing activities, particularly those involving personal data.
Guide product teams on implementing measures to minimize privacy risks and manage the implementation of Privacy by Design throughout the organization.
Audit the legacy products and projects to ensure that they are compliant with the data privacy policy and data privacy laws requirements e.g. Audit of the Various Airtel Apps. Assess the privacy practices of third-party vendors and other third parties that the company shares personal data with.
Evaluate the data protection practices of third-party vendors and service providers, ensuring they meet the company standards for data security and privacy.
Review and advise on data protection clauses in contracts and agreements with vendors.
Collaborate with the legal and IT departments, and business stakeholders to ensure that data collection, storage, processing, and sharing are aligned with the applicable laws and standards across the OpCos where the company operates in.
Assist with data subject access requests, data deletion requests, and other privacy-related inquiries from individuals
Support the OpCo DPOs in privacy management initiatives.
Act as the point of contact for data protection incidents and breaches, coordinating response efforts and ensuring timely reporting to relevant authorities and affected individuals as needed and maintain accurate records of incidents
Work with cross-functional teams to investigate incidents, assess impact, and implement remediation measures
Training and Awareness
Develop and deliver training programs to enhance staff awareness of data privacy obligations including annual mandatory data privacy trainings to all employees.
Conduct training and capacity building sessions for OpCo DPOs and DPO Spocs
Promote a culture of privacy compliance and accountability across the organization.
Reporting
Prepare routine and ad-hoc compliance reports to the Enterprise Risk Committee and to the Board Audit & Risk Committee.
Support the OPCOs in the preparation and review of privacy reports to their local Boards.
Engagement with stakeholders at Group and OpCo on Board report.
Qualifications
Key Competencies
Fluency in both English and French is desired
In-depth knowledge of data privacy laws across Africa, the GDPR, and regional frameworks like the AU Convention on Cybersecurity and Personal Data Protection.
Proven experience in data protection compliance, preferably in telecommunications, financial services, fintech, technology or related sectors.
Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.
Analytical mindset with the ability to assess complex data protection issues and propose practical solutions.
Experience in conducting data protection impact assessments and managing data protection incidents.
Familiarity with privacy-by-design principles and their application in product development.
Ability to work independently and manage multiple projects simultaneously
Education Background
Bachelor’s degree in law, Business, Finance, Computer Science, or related field.
Minimum 7 years work experience with hands- on experience developing and implementing Data Privacy compliance programs
A certification related to data privacy, such as the Certified Information Privacy Professional (CIPP), Certified Information Privacy Technologist (CIPT) or Certified Information Privacy Manager (CIPM)
Apply via :
erey.fa.em3.oraclecloud.com