Data Privacy Specialist(freelance / colaborare SRL-PFA)

Adecco Permanent Placement is hiring a DATA PRIVACY SPECIALIST, for one of its clients, a global leader in the beauty industry, known for its innovative products and commitment to excellence.

• Law degree.
• Minimum 3 years of legal experience, preferably in data protection (lawyer status is an advantage).
• Relevant data protection certification (e.g. IAPP).
• Experience with One Trust - is an advantage.
• Knowledge of data processing operations specific to the company's sector.
• Knowledge of IT security.
• Experience in the FMCG industry – is an advantage.
• Excellent communication skills in legal English.
• Excellent Microsoft Office skills (Word, Forms, Outlook, OneDrive, SharePoint, PowerBI).
• In-depth knowledge of data protection legislation, regulations, and practices (professional certification mandatory).
• Good understanding of IT and digital challenges, as well as the needs of the business.
• Strong project management skills.

1. LOCAL DEPLOYMENT, MONITORING, AND IMPLEMENTATION OF THE DATA PROTECTION PROGRAM

• Defines, informs, and advises on data protection policies.
• Ensures effectiveness of Group and local data privacy policies and procedures (including assisting in data subject requests, personal data breaches, and vendor management).
• Ensures, together with IT Security, the implementation of appropriate security measures.
• Analyzes and adapts legal agreements concluded by the Company from the perspective of personal data processing.
• Coordinates, organizes, and provides support to committees with dedicated roles in personal data processing.
• Liaise and coordinate with Group DPO and Group Data Privacy stakeholders.
• Report regularly to Country Management Committee on the Data Privacy program, evolution of regulations, and risk exposure.

1. MONITORING THE LOCAL ENTITY'S COMPLIANCE WITH DATA PROTECTION

• Provides detailed operational guidance and recommends clear, actionable strategies aimed at ensuring full compliance with all relevant legal requirements and established internal regulations. By outlining specific protocols and best practices, this approach facilitates a robust framework for adherence and promotes a culture of accountability within the organization.
• Monitors the documentation of processing activities (including reflection in the Register).
• Cooperates with and serves as the main point of contact for the Data Protection Authority.
• Advises on notifications to be submitted to the Data Protection Authority.
• Reviews and negotiates, as needed, any data protection contractual clauses with clients and suppliers.
• Participates in the evaluation of internal projects and issues concrete recommendations to ensure their compliance with data protection requirements (including conducting DPIAs - Data Protection Impact Assessments, Transfer Impact Assessments).
• Manages crisis situations related to personal data breaches, in coordination with relevant functions and the Group DPO.
• Monitors the appropriate and timely management of data subject requests.
• Ensures strict adherence to the controller's technical and organizational policies by regularly reviewing and updating protocols to align with industry best practices and standards.
• Oversees the execution of comprehensive audits to evaluate operational efficiency and identify areas for improvement, ensuring that all processes meet regulatory requirements and organizational goals. 
• Promotes awareness of compliance issues, and delivers targeted training programs to enhance the knowledge and skills of personnel involved in processing operations.

1. INTERNAL TRAINING

• Ensures the existence and implementation of the training program for all employees.
• Communicates internally on a regular basis and organizes internal events.
• Keeps abreast of the latest status regarding Data Protection and participates in both internal and external specialist conferences and training sessions.