Reporting to Moët Hennessy Data Protection Officer, and member of the corporate Internal Control, Audit & Risk team, the deputy Data Protection Officer contributes to ensure that all Moët Hennessy entities are compliant with the requirements of the new General Data Protection Regulation (GDPR) or local privacy regulations by :
- Working in close cooperation with the Data Protection network
- Detecting cases of non- compliance and helping correcting them
- Undertaking awareness-raising and training activities.
The scope covers all Moët Hennessy activities processing personal data.
After 2 years of intensive GDPR compliance program implementation, Moët Hennessy is structuring its internal privacy team and wants to maintain a robust system to prepare the extension of the scope.
The Deputy DPO is expected to :
In autonomy :
- Assist internal Data Protection network in implementing remediation plans defined as part of the compliance program and identifies potential new risks;
- Participate to the update/improvements of Data Protection policies, procedures, methods and guidance, as well as the tools used up to now;
- Perform compliance analysis (especially for new projects) and advise on how personal data should be used, issue recommendations, suggest alternative solutions if necessary;
- Organize the documentation providing evidence of compliance with GDPR (and any applicable data protection laws) : how to access/store it...;
- Perform annual review of the records of processing activities for quality and exhaustiveness purpose;
- Carry out regular checks (websites,...) ;
- Update the training materials and organize training sessions, deploy elearning campaigns;
- Prepare meetings and privacy committees and participate to them
- Ensure the regulatory watch (e-privacy, other privacy laws,...).
As a contributor :
- Formalize the notification process in the event of a suspected or proven data breach; and answer to data subjects' rights requests
- Assess Data Privacy risks and conducts DPIAs
- Draw up an annual activity report.
- Business/ Engineer School, Master degree in Data Protection or Master 2 in "Droit du numérique" or new technologies
- Fluent in French and English
Qualifications and Experience:
- 10 years of experience and minimum of 2/3 years in Data Protection as a consultant or a DPO assistant
- In-depth knowledge of the GDPR and if possible, other local privacy laws principles
- Solid understanding of information security
- PMO skills
- Conviction, communication
- Good teaching & pedagogical sense
- Able to find solutions
- Capacity to influence, convince, good sense of internal service
- Organized and rigorous
- Able to analyze and synthetize
- Autonomous and team working