Reporting directly into the Chief Risk Officer and with a dotted line into the European Data Protection Officer, the Head of Data Protection will have overall responsibility for the governance of data protection in Paddy Power Betfair. This will include playing a critical role in continuing to build, develop and deliver Paddy Power Betfair’s data protection and privacy programme to ensure compliance with data protection and privacy laws, including the GDPR.
This is what you’ll be doing:
This role will manage the data protection team in Paddy Power Betfair and will provide the leadership and training structures to develop the team. The Head of Data Protection will, in accordance with Article 39 of the GDPR, have responsibility to, among other duties:
- Develop and rollout the suite of Paddy Power Betfair data protection policies, across all European locations.
- Oversee training and raise awareness internally on data protection and privacy, across all European locations.
- Monitor compliance with the GDPR, European and national data protection laws and Paddy Power Betfair policies, including conducting regular internal compliance checks.
- Reporting on Paddy Power Betfair’s compliance with the GDPR to Senior Management and the Paddy Power Betfair Board.
- Inform and advise Paddy Power Betfair on all issues relating to data protection and privacy.
- Provide advice on data protection impact assessments under Art. 35 of the GDPR.
- Report risks and data breaches to the senior management team, in line with the Paddy Power Betfair Breach Notification Policy.
- Consult and engage with relevant Data Protection Authorities, including ensuring regular briefings and maintaining accurate and up-to-date records demonstrating GDPR compliance
- Handle internal and external queries in relation to data protection investigations and practices.
- Keep informed of data protection and privacy practices and the regulatory and legislative framework in the European region. Ensure business is aware of upcoming changes and that processes are appropriate to implement changes as and when they are required.
- Review key business changes to understand their potential data protection impacts, to ensure the business is aware of those impacts, and that they are appropriately managed.
- Review emerging technologies and potential process improvements to improve data protection capabilities.
The successful individual will have the ability to drive a data protection and privacy culture within a large multi-national organisation. You will require excellent communication and organisational skills, which support the delivery of compliance requirements across the business. You will also be required to lead a team of subject matter experts and provide development and career growth opportunities for that team that aligns to the requirements of the business.
Education, Qualifications & Experience
In order to fulfil the role:
- You will need a minimum of 6-10 years Compliance experience, with a minimum of 3 years recent/current experience in Data Protection/Privacy.
- Current and practical knowledge of data protection and privacy, with the ability to manage both the operational and strategic objectives of the team.
- Certified Privacy Professional (CIPP/e) or other relevant qualifications
- Experience working in a fast-paced technology company would be an advantage.