DPO (Data Privacy Officer)

Quess Corp Limited (BSE: 539978, NSE: QUESS), is India's leading business services provider, leveraging our extensive domain knowledge and future-ready digital platforms to drive client productivity through outsourced solutions. We provide a host of technology enabledstaffing and managed outsourcing services across processes such as sales & marketing, customer care, after sales service, back-office operations, manufacturing operations, facilities and security management, HR & F&A operations, IT & mobility services, etc.

Established in 2007 and headquartered in Bengaluru, Quess today has unmatched geographic presenceand scale with more than 644 locations across India, South East Asia & North Americawith 5,00,000+ people & 3000 + clients.

About the job- DPO

We help clients address some of the world's most profound social and business challenges, including the looming retirement crisis, an evolving healthcare landscape, the effects of climate change, and an insurance industry burdened by low interest rates and daunting reporting requirements.

As the risks to businesses and communities around the world grow increasingly complex and unpredictable in the shadow of a global pandemic, we can't think of more vital work.

Quess Corp Ltd is looking for a Data Privacy Officer, Bangalore to set up its Global Data Privacy Team, and be part of a supportive Legal & Compliance team.

This role will be located in Bangalore, India

Position Summary

You will focus on the privacy program for Quess & its group companies in the APAC region, Middle East and North America, including processes, procedures and initiatives, and collaborate with other departments and practices in support of the privacy program.

Promote a culture of data protection and compliance across all units of the organization.

Responsibilities:

? Serves as primary point of contact for Data Privacy related program, queries, coordinating with internal stakeholders & regulatory authorities.

? Forming and participating in the [Data Privacy / Information Governance] Committee.

? Research and legal monitoring of new and revised data privacy regulations in India, APAC , Middle East and NA region.

? Respond to requests for data privacy advice from the business, including assisting in responding to prospect and customer data protection questionnaires.

? Proactively identify privacy risks in processes and systems and propose mitigations.

? Assist with the drafting of relevant data privacy & ISMS policies and with identifying any gaps in policies/procedures based on regulations and recommend prioritization of addressing gaps.

? Prepare and present data privacy trainings and awareness programs.

? Assist with the drafting of guidelines for products and software (Privacy-by-Design).

? Assist with the implementation of the Vendor Risk Management Program.

? Create and maintain a network of local DPCPs (Data Privacy Contact Persons) and providing them with advice when needed.

? Draft and ensure appropriate delivery of employee notices/consent forms.

? Maintain organisation's Records of Processing Activities, where required.

? Assist with the group-wide data mapping process.

? Negotiate local and international data sharing agreements and assisting with local and international contract analysis to ensure that data privacy and protection objectives are adequately addressed.

? Manage and centralizing Data Subject Access Requests (DSARs) and other requests from data subjects residing in the respective region.

? Advise on the response to data privacy incidents, including corrective and preventative actions and collaborate with the main point of contact for the response to data privacy incidents globally.

? Assist with the drafting of Data Protection Impact Assessments (where required) and as you grow in data privacy experience, undertaking Data Protection Impact Assessments yourself.

? Monitor implementation of data privacy recommendations made under Data Protection Impact Assessments.

? Conduct audits to ensure compliance and to address potential issue and also coordinating with internal & external auditors.

? Periodical reporting & dashboard to management and board

Education:

? Understanding of global data privacy laws and regulations.

? Preferred: CIPP/A certification through the IAPP; Module A certification by FDPPI.

? 13+ years of significant experience in both legal & technology background.

? Strong analytical skills.

? Strong and demonstrated understanding of the data privacy laws in the operating countries, with a desire to develop knowledge across the region.

? Ability to deal with various laws across several countries.

? High level of organization and planning skills, with the ability to create plans and diligence to follow through and monitor plans through execution and completion.

? Good contract drafting and negotiating experience, with experience in drafting of data privacy clauses.

? Works well with external clients, in a professional manner.

? Strong written and oral communication skills.

Preferred: Immediate Joiners