Job Title: Head of Data Protection
Reporting Line: Chief Risk Officer
Job Location/Office: Dublin
NB – This is a 12 month FTC Maternity Cover Role
Reporting directly into the Chief Risk Officer, the Head of Data Protection European Data Protection will have overall responsibility for the governance of data protection in Paddy Power Betfair. This will include playing a critical role in continuing to build, develop and deliver Paddy Power Betfair’s data protection and privacy programme to ensure compliance with data protection and privacy laws.
This is what you’ll be doing:
The Head of Data Protection will, in accordance with Article 39 of the GDPR, have responsibility to, among other duties:
- Develop and oversee the suite of Paddy Power Betfair data protection policies, across all European locations.
- Oversee training and raising awareness internally on data protection and privacy, across all European locations.
- Monitor compliance with the GDPR, European and national data protection laws and Paddy Power Betfair policies, including conducting regular internal compliance checks.
- Reporting on Paddy Power Betfair’s compliance with the GDPR to Senior Management and the Paddy Power Betfair Board.
- Inform and advise Paddy Power Betfair on all issues relating to data protection and privacy.
- Provide advice on high risk processing operations where a data protection impact assessment is required under Art. 35 of the GDPR.
- Report risks and data breaches to the senior management team, in line with the Paddy Power Betfair Breach Notification Policy.
- Ensuring regular briefings for the business on data protection and privacy matters and maintaining accurate and up-to-date records demonstrating GDPR compliance.
- Handle internal and external queries in relation to data protection investigations and practices and act as a point of contact with relevant Data Protection Authorities.
- Maintain an expert knowledge of data protection law and practices and keep informed of the regulatory and legislative framework in the European region. Ensure business is aware of upcoming changes and that processes are appropriate to implement changes as and when they are required.
- Review key business changes to understand their potential data protection impacts, to ensure the business is aware of those impacts, and provide advice and input on new data processing initiatives.
- Review emerging technologies and potential process improvements to improve data protection capabilities.
The Head of Data Protection may be required to fulfil additional tasks and duties provided they do not result in a conflict of interests.
- Excellent analytical and writing skills together with sound strategic and tactical understanding of handling current policy issues.
- Demonstrated ability to find practical, pragmatic and creative solutions to compliance issues.
- Professional, assertive and confident, able to operate credibly with the most senior stakeholders.
- Excellent people management capabilities and a track record of managing high performance professional teams.
- Strong influencing capabilities.
Education, Qualifications & Experience
- Educated to degree level. Additional data protection and privacy certifications (e.g. IAPP CIPP/E) and information technology or project management certifications would be an advantage.
- Detailed knowledge of data protection and privacy practices and the regulatory and legislative framework in the European region. A proven track record of dealing with data protection and privacy issues for multi-national organisations.
- Sufficient knowledge and understanding of technology to be able to appropriately question and assess technical solutions to data protection and GDPR requirements.
- Strong knowledge of and interest in emerging technologies and their potential impacts on data protection and privacy.
- Good knowledge of Paddy Power Betfair’s business models, products and platforms.