Data Privacy Analyst

Are you seeking an entry level role in data protection? Perhaps you are a proven analyst or keen on pursuing a data protection career?

In any scenario, if you have some experience of working or have worked in privacy, GDPR or data roles or are passionate about data protection, we want to hear from you.

Full training / ongoing development offered, plus the opportunity to progress your career and travel.

Data Privacy:

• Developing a data management program to manage global GDPR work streams, such as Data Mapping, Data Subject Rights and Data Protection Impact Assessments (DPIA).
• Building a data inventory and process-mapping the business to understand and document where our data sits and assessing any risks.
• Producing reports on our global privacy program and maintaining the Record of Processing Activities (ROPA).
• Supporting the wider Privacy Team to manage and assess new projects, initiatives, products and business processes through the DPIA process lifecycle.
• Monitoring ongoing compliance by conducting reviews of existing systems and processes, which may involve travel to international offices that are part of the GVC Group.
• Developing and carry out privacy training and awareness programs, including assisting with the delivery of group-wide communications.
• Researching and documenting future requirements driven by upcoming privacy legislation.

Operational:

• Managing and updating the OneTrust tool to monitor privacy compliance, which involves updating templates on the tool, configuring, adding and assessing risks and administrating access.
• Providing operational support to the wider privacy team where required, including;
  • New supplier due diligence review; and
  • Reviewing and redacting information/documentation prior to disclosure and creating acknowledgement/response templates, as part of the customer data subject access request process.
• Managing team mailboxes to respond to internal and external (e.g. customer) queries.

Data Governance:

• Supporting the design and implementation of the data governance framework.
• Operationalizing processes to support both privacy and data governance controls for managing data throughout the life cycle. This includes, data mapping, minimizing the data we hold, and creating data retention policies.
• Partnering with data governance and information security teams to develop data analytics capability and embed privacy through new technologies. This includes designing rules engines and privacy-by-default methodologies.

Technology:

• Reviewing existing GDPR work streams/processes and working with the technical teams or external tool providers on automated solutions, e.g. operationalizing data subject rights.
• Working with data visualization tools, such as PowerBI, Tableau and Qlik, to produce privacy dashboards and reports on the global privacy program.
• Collaborating with the information security team to operationalize GDPR and other privacy requirements.
• Auditing IT systems such as Databases (MS SQL, MySQL, Oracle), Business Intelligence programs and software tools (PowerBI, Tableau, Qlik).
• Performing data discovery exercises and managing the data into a suitable format.
• Understanding of technical terminology in order translate between the technical and privacy teams on regulatory requirements and technical solutions, for example data obfuscation techniques such as Tokenization, Anonymization, Pseudonymisation and Masking.