Director, Data Protection Officer in Weybridge, Surrey at Royal Caribbean Group

Date Posted: 3/4/2021

Job Snapshot

Employee Type:

Full-Time
Location:

Weybridge, Surrey
Job Type:

Legal
Experience:

Not Specified
Date Posted:

3/4/2021

About Us

Royal Caribbean Group comprises six distinctive companies that share a vision anchored in excellence. We have a common passion for creative thinking, innovative engineering and outstanding guest service that drives continuous improvement in everything we do. The entire Royal Caribbean family is committed to the legacy of hospitality and culture of innovation that is at the core of our guest service, the protection of our natural environment and responsible citizenship in our global community.

Job Description

Journey with us! Combine your career goals and sense of adventure by joining our exciting team of employees. Royal Caribbean Cruises Ltd. is pleased to offer a competitive compensation & benefits package, and excellent career development opportunities, each offering unique ways to explore the world.

Position Summary:
This position will serve as the subject matter expert for data privacy laws and regulations for the company, providing guidance and direction to our global business. Working closely with the Legal/Compliance leadership team and the business, the DPO will have those responsibilities described in Article 39 of the EU’s General Data Protection Regulation (“GDPR”) and will play a critical role in continuing to build, develop and deliver Royal Caribbean’s global data privacy program to ensure compliance with applicable data privacy laws and regulations, including the GDPR.

Essential Duties and Responsibilities:

Keep abreast of legal and regulatory changes in data privacy laws and regulations, assess their impact on the business, and manage the implementation of any business changes/practices.
Draft and update data privacy policies, procedures, processes and controls in line with applicable data privacy laws and regulations, including the GDPR
Provide guidance and direction in relation to data processing, privacy issues, data subject access requests, and breach management and response
Work cross-functionally to resolve individual privacy compliance issues/questions and investigations, assessing causes, developing corrective actions, and ensuring consistent application of corrective actions
Advise on the data privacy impact assessment process and perform as necessary
Liaise with IT and Information Security departments on security assessments which impact personal data
Work closely with Supply Chain and Information Security departments to conduct and/or review data privacy impact assessments and privacy aspects of supplier contracts and third-party agreements.
Serve as an advisor in the context of selection of new technologies and IT’s roadmap including drafting, negotiating and reviewing data processing agreements with suppliers
Maintenance of up-to-date records of processing activities
Interact with business to advise upon and record new or changed processing activities
Perform scheduled and ad-hoc reviews of data processing activities
Develop and deliver privacy compliance training and awareness activities
Serve as the point of contact and coordinate with business to respond to data subject requests
Establish safeguards to apply to mitigate risks to the rights and interests of data subjects
Report on a timely basis, and in adequate format, of significant compliance issues and relevant updates, to the Legal/Compliance leadership
Coordinate with IT and Information Security on review of potential data breaches
Manage the analysis and possible notification of data breaches, and registrations (including filings where necessary) with the relevant data protection authorities
Act as the point of contact for data privacy supervisory authorities and oversee implementation of data privacy processes and procedures applicable to individuals whose data is processed (employees, customers, etc.)

Job Requirements

Qualifications, Knowledge, and Skills:

Legal degree required
Seven (7) years’ experience at a large law firm, corporate legal department or equivalent compliance function, with significant experience in privacy matters
Expert knowledge of key aspects of privacy laws in the EU and other countries. Especially an expertise in national and European data protection laws and practices and an in-depth understanding of the GDPR
The ability to fulfil the tasks required of a DPO under Article 39 GDPR
Experience advising clients on the privacy implications of social media, cloud-based services, and global marketing campaigns that leverage mobile platforms
Fluency in information technologies and an understanding of data security
Ability to promote a data protection culture within the organization
Highly effective written, oral and interpersonal communication skills to address a wide variety of sophisticated audiences
Must be able to clearly communicate with data subjects and cooperate with the supervisory authorities
Experience interacting directly with law enforcement personnel or privacy and data protection authorities and regulators
Ability to understand RCL’s mission and core operations
Able to react quickly and confidently to advise on and manage a data breach incident and subject access requests
Preferred: Certification or membership in data privacy associations

It is the policy of the Company to ensure equal employment and promotion opportunity to qualified candidates without discrimination or harassment on the basis of race, color, religion, sex, age, national origin, disability, sexual orientation, sexuality, gender identity or expression, marital status, or any other characteristic protected by law. RCL and each of its subsidiaries prohibit and will not tolerate discrimination or harassment.

Apply Not ready to Apply?

Director, Data Protection Officer in Weybridge, Surrey at Royal Caribbean Group

Job Snapshot

About Us

Job Description

Job Requirements

CHECK OUT OUR SIMILAR JOBS

Stay Connected!