Plan International is an independent development and humanitarian non-profit organisation that advances children’s rights and equality for girls. We support children’s rights from birth until they reach adulthood, and enable children to prepare for – and respond to – crises and adversity. We believe in the power and potential of every child, but know this is often suppressed by poverty, violence, exclusion and discrimination.
We are recruiting to fill the position below:
Job Title: Data Privacy Manager
Reports to: General Counsel
Type of Role: Permanent or maximum fixed term contract
- The Governance & Executive Department is part of our Global Hub and provides advice, support and representation on legal and regulatory issues, furthering the delivery of Plan International’s strategy, ensuring compliance with legal and regulatory requirements by Plan International, Inc. and its subsidiaries and advising on good governance and the effective management of legal, regulatory, strategic and operational risk throughout Plan International.
- The Data Privacy Manager will support the organisation to continue to embed a data privacy culture with a particular focus on the privacy rights of beneficiaries, working with other departments in the Global Hub (and particularly with the Risk & Compliance Team, the Safeguarding Children and Young People Unit, the Communications Team, the Sponsorship Team, the People and Culture Team, the Information Technology Team), and with Plan International’s programme delivery and fundraising offices globally.
- To continue to implement an effective and appropriate organisational data privacy strategy within Plan International and its member organisations.
- Ensuring that data privacy becomes fully embedded as a part of business as usual at Plan International by fostering a privacy by design approach and through the development of an extensive range of relationships within key functions Plan International
- To act as the Data Privacy Officer for the purposes of GDPR compliance including being the contact point for the Information Commissioner’s Office and acting as the contact point for any other relevant or supervisory data privacy authorities and coordinating the organisation’s response to any regulatory investigation or data privacy request for information.
- To assess, develop, review and deliver a regular data protection training programme relevant to Plan International’s personal data processing activities and its global footprint.
- To inform, advise on and monitor compliance with relevant Data Protection laws.
- Developing and maintaining appropriate Data Protection policies, protocols and procedures and advising on the development of and data privacy compliance assurance programme
- Supporting Plan’s International’s response to any data breach incident within its incident and crisis management frameworks.
- Develop a system to maintain comprehensive records of all data processing activities carried out Plan International and the lawful grounds for that processing
- Provision of data privacy compliance risk management advice, strategic guidance and consultation to business units operating globally including assistance with carrying out privacy impact assessments
- Drafting relevant data transfer agreements and data processing agreements where required.
- Interface with data subjects as necessary to inform them about how their data is being used, their rights to have their personal information erased and the measures Plan International has put into place to protect their personal data.
- The location of this role can be flexible where Plan International has an office* that can employ on behalf of the Global Hub and you have the pre-existing right to work and live.
Expertise, skills and knowledge required
- Experience in a similar role and an understanding of the Data Privacy risks faced by large organisations carrying out significant data processing activities globally
- Experience of advising on data privacy issues and driving data privacy related culture change, multinationally.
- Knowledge of data protection law including data protection regulation (GDPR)
- Excellent senior stakeholder management, including the ability to communicate effectively.
- The ability to provide clear advice and direction even when faced with competing demands and short deadlines.
- Experience in managing data incidents and breaches.
- The ability to conduct the role independently and with integrity and to exercise professional judgement
- Knowledge or experience of collection of data from children and the INGO sector is desirable
- Expert knowledge of Data Protection legislation, in particular the GDPR
- Additional recognised Privacy qualifications would be advantageous (e.g. CIPP, ISEB)
- Excellent communication skills (both written and oral)
- Ability to solve problems and identify and implement pragmatic solutions.
- Able to develop efficient, effective compliance systems and processes that are user-friendly and fit for purpose, Strong drafting skills and powers of analysis with excellent attention to detail including when under pressure.
- Ability to think and advise strategically.
- Able to influence and build strong relationships with different types of people at all levels.
- Self-motivated, efficient and highly organised.
- Creative problem solver
- Highly effective prioritisation of competing requests
- Ability to influence those over whom the post holder has no direct responsibility
- Strong on delivery and effective completer-finisher
- We will be happy to disclose the salary and applicable benefits to applicants as part of this process, however, please kindly note that the salary and employment benefits will be set according to your location and therefore it is not possible to include full details here.
- As an indication if this role was based in the UK the salary would be circa £58000
Deadline: 8th August, 2022.
How to Apply
Interested and qualified candidates should:
Click here to apply online