Data Protection Correspondent BNP Paribas
Data Protection Correspondent BNP Paribas
Reference12355704
- Permanent
- ES-Madrid-Madrid
- RISK
GROUP BNP PARIBAS
AM & WM Data Protection Correspondent is the AM & WM data protection conductor, and provides expertise on data protection topics related to activities. Data protection correspondent ensures projects and activities are properly done in the light of data protection requirements (not only GDPR).
Scope specificities
Local Data Protection Correspondent intervenes on the behalf of DPO. His missions are:
· To assist DPO and subsidiaries/entities on leading data protection authority activities (run and stock)
· To contribute to role development by validating data protection requirements for new activities, new products, services or specific operations, and to carry a technical assistance
· To ensure data protection requirements are taken into account into projects (privacy by design)
· To receive, process and advise internal and external local solicitations about data protection
· To receive, process and advise requests from data subjects, subcontractors and partners etc.
· To itemise existing processes and identify breaches regarding data protection requirements (local regulation & GDPR requirements)
· To contribute to perform risk assessment on personal data breaches
· To contribute to the identification and notification process for data protection violations according to defined procedures and GDPR requirements
· To realize effectiveness for data protection controls and to ensure expected reportings
· To ensure regular reporting to DPO about the activity
Common management core
Local data protection correspondent intervenes on all or part of the following activities:
To contribute to relevant data protection and GDPR activities realisation
· To guarantee required norms and methods definition and application to a company’s good data protection risks apprehension (follow-up of projects, information systems adaptation, declarations conception and maintenance, subcontractors contracts analysis, follow-up on control plans reporting, etc.)
· To guarantee advice and assistance to strategical program ongoing.
To guarantee the defined by DPO global strategy implementation:
- To define action plans and corrections related, and to ensure application
- To alert DPO when activity is under operational risk (non-appropriateness between needs and resources, etc.), to propose correction solutions and to implement those solutions
- To contribute to continuous efficiency improvement and to any optimisation process
- To contribute to operational activities achievement
- To adjudicate or mediate DPO engaging decisions, emergencies and escalated issue
- To contribute to permanent control actions
- To contribute to perform LOD2 controls and challenge LOD1
- To contribute to perform the check and challenge of the RCSA
- To contribute to RISK ID exercise
- To contribute to OR&C report
- To contribute to Internal Control Committee
- To ensure a professional network development
REQUIREMENTS
Studies
- Educational background: Legal and/or IT Master degree level. A data protection / numeric / protection rights specialization is preferable.
- Experience: You have a first experience (at least 5 years) in a position related to Compliance / Security. You have IS knowledge and manage data protection regulation and IT security procedures. Professional English required.
Ideal applicant knows how to bring concrete and operational solutions according to business as to take hindsight and a measured look.
- English Fluent / French is a plus (Optional)
- To know how to assess maturity level of the existing facility about Data Privacy
- To have a professional face-to-face or phone discussion in a foreign language
- To prioritize
- To efficiently manage several topics at the same time
- To issue advice / recommendation taking into account every parameters
- To have an efficient speaking communication
- Training programs, career plans and internal mobility opportunities, national and international thanks to our presence in different countries.
- Diversity and Inclusion Committee that ensures an inclusive work environment. In recent years, several employee communities have been created to organize diversity and inclusion awareness actions (PRIDE, We Generations and MixCity).
- Corporate volunteering program (1 Million Hours 2 Help) in which employees can dedicate time out of their working hours to volunteer activities.
- Flexible compensation plan.
- Hybrid telecommuting model (50%).
- 31 vacation days.