2 Global Privacy Jobs

KEY ACCOUNTABILITIES/DELIVERABLES Develop and maintain a deep understanding of GGB/GRe business activities, as directed by the CPO Build and maintain strong working relationships with key stakeholders within GGB/GRe and Gallagher more broadly to gain insights to GGB/GRe and Gallaghers business and control environment Assist the CPO to implement the Global Data Privacy Framework (Tier 1) across GGB/GRe Assist the CPO to develop and implement any required GGB/GRe local Data Privacy Frameworks (Tier 2) to minimize privacy risks and drive risk reduction initiatives, including the creation and roll out of policies, standards, processes, playbooks and associated training Train GGB/GRe colleagues in the identification and management of privacy risks and provide coaching to Privacy Champions Complete and maintain GGB/GRe Privacy Risk Registers, with specific focus on inherent and residual risk Provide clear and concise privacy advice in an impactful manner using a wide range of communication channels. Perform privacy horizon scanning Conduct privacy risk assessments, AI impact assessments and personal data transfer impact assessments in respect of new or amended proposed processing activities Develop playbooks for managing and manage complex data subject rights requests including application of applicable exemptions and redactions where required Handle internal and third-party requests for access to GGB/GRe data Assess GGB/GRe personal and commercial data incidents using our playbooks and provide advice and guidance for their containment, mitigation and regulatory reporting obligations Assess privacy risks in relation to GGB/GRes supply chain, working closely with colleagues in security, IT, legal and procurement. Handle GGB/GRe privacy related complaints Provide privacy practitioner advice in relation to GGB/GRe related data protection contractual terms Prepare regular GGB/GRe reports and management information as required. Support the GGB/GRe M&A Privacy Lead(s) in respect of mergers and acquisitions and their future integration or divestiture Assist in the maintenance of GGB/GRes Records of Processing activities Monitor privacy compliance across GGB/GRe as directed by the CPO Carry out duties following internal policies and procedures in accordance with applicable laws, rules, regulations, good governance and Gallaghers shared values putting clients at the heart of our business. Qualifications Min 3+ years demonstrable experience in an operational / consultative privacy role providing hands on privacy advice and support in the identification, assessment, management and monitoring of privacy risks including independently conducting privacy risk assessments and transfer impact assessments as well as advising on complex data subject rights requests Privacy qualifications / certificates e.g. CIPP/E/Asia, CIPM, data protection practitioner certifications (preferred) Technical Knowledge Good practical knowledge of APAC, UK and European data protection laws and regulations such as Singapores Personal Data Protection Act, the UK Data Protection Act 2018, the General Data Protection Regulations 2016. Proven track record of providing hands on privacy advice in line with Data Protection Laws Knowledge of the insurance broking or insurance sector a significant advantage but not essential Knowledge of IT and/or Security an advantage but not essential Experience Experienced in: Working with a broad range of local and global stakeholders Working in a fast-paced environment, to challenging deadlines Being a strong team player with evidenced skills in supporting colleagues and supporting a strong team culture The assessment of and provision of advice and guidance in respect of data incidents Managing and handling data subject rights requests and third-party requests for data including redaction and application of exemptions Conducting privacy risk assessments and transfer impact assessments Assessment of supply chain privacy risks Handling privacy related complaints Creation of data protection policies, standards, procedures, playbooks and training material Working effectively with multi-national teams and stakeholders Working effectively in shared mailboxes Skills/other Strong communicator (oral and written) and capable of robust dialogue Confidence to challenge views and opinions in a sensitive way

International Privacy Counsel and Data Protection Officer The Law & Governance team provides world-class, innovative solutions to the TELUS Digital group of companies ("TD"). We partner with colleagues across the organization to progress business priorities and deliver outstanding outcomes for the clients and communities we serve. As International Privacy Counsel and Data Protection Officer, you will focus on supporting our TD Privacy Office and our global lines of business. As a highly motivated individual who thrives in a fast-paced work environment, you will continue to enhance our strong, collaborative relationship with clients and partners globally and build effective relationships with members of the Sales and Operations teams on a global basis. Reporting to the General Counsel and Global Privacy Officer, Law & Governance, you will work directly with key members of the global business, and legal teams around the world on a variety of cutting edge projects including: privacy assessments, privacy compliance, auditing frameworks in relation to privacy laws worldwide, including GDPR and the Brazil General Data Protection Law and advise on privacy aspects of customer deals and corporate acquisitions. Responsibilities: Act as legal advisor and first point of contact for the company on privacy or data protection-related matters, with an emphasis on Asia and Africa. Provide support for privacy and data protection matters related to legal and commercial agreements. Draft and maintain data protection-related legal agreements, such as DPAs, TIAs, DPIAs, and company policies. Develop and maintain close relationships with business leaders by cultivating a deep understanding of their business and providing proactive, solution-oriented advice. Display the ability and commitment to work collaboratively and diplomatically with numerous people at all levels in a truly multicultural and global work environment. Demonstrate the ability, in a positive, commercial and practical manner, to identify, prioritize and resolve privacy issues quickly and effectively. Work with relevant business units to ensure our products and services are embedded with privacy-by-design. Interface with data protection authorities, and act as the designated data protection officer for the company in various jurisdictions. Requirements: Fluent in English. Qualified to practice law in any country, and in good standing. 5+ years practicing law, with a strong focus on data protection/privacy law ideally in the tech sector, with a mix of law firm and in-house experience is a plus. IAPP certification and experience with the digital advertising TrustArc privacy platform is a plus. Experience with global privacy laws, including European, European Brazilian and US law. Prior experience supporting cross- border transactions and comfortable managing outside counsel. Confident at engaging and interacting with sophisticated stakeholders, internally and externally. Noted for ability to examine and evaluate complex issues while demonstrating an ability to focus and articulate important points and effective solutions. Recognized for record of successfully managing multiple, concurrent customer transactions and delivering on commitments.