Data Protection Officer - Berlin, Deutschland - Free2Move

Beschreibung

Created in 2016, Free2Move simplifies mobility-related uses by offering a wide range of services to satisfy everyone's travel needs.

With Free2Move, you can rent a city car for shopping or for your stay in Italy or book a car park during your weekend in Paris...

all in one click, on our web/mobile platform

Born from the merger of the Stellantis Group and the start-up TravelCar, Free2Move, thanks to its agility and its spirit of conquest has managed to establish itself in just 6 years as a reference player to revolutionize the mobility of all travellers.

Having become the #1 reflex for more than 6 million users, Free2Move operates in more than 170 countries across 5 continents and is available in 30 languages and 26 currencies.

5000 partners trust us and several hundred thousand vehicles are available

If you want to join a team of +250 experts and bold international projects, then you're in the right place

You will evolve in an ultra-dynamic, innovative, agile, internationally-focused structure and integrate our talented teams, full of ideas and motivation and with multidisciplinary skills, at the crossroads of the digital eco-system and the fast-changing automotive sector.

JOIN US

It's exciting, you'll see

We have a great new opportunity for a Data Protection Manager & Global Data Protection Officer (Group) to join our Legal Team.

He / She will coordinate, implement and monitor data protection and privacy compliance within Free2Move Group and act as Global Data Protection Officer.

Your scope will cover mainly German & French legal entities of the Group.

A great opportunity to constructively challenge existing processes and procedures and ensure Free2Move Group remains compliant with current applicable data protection laws globally.

Your next missions:

• Being key contact for business on all data protection/privacy matters and compliance with EU data protection (GDPR, ePrivacy) and global privacy regulations
• Conduct audits to ensure privacy and data protection compliance
• Analysing and mapping of processing operations and ensuring data protection and privacy compliance
• Drafting of data protection policies and guidelines and implementing all relevant data protection requirements for Free2Move Group (incl. privacy notices, records of processing activities, crossborder adequacy strategy, data retention concept, data breaches procedures, conducting DPIAs)
• Responsible for reviewing and advising on related agreements and contracts created and/or managed by the Legal Department, to ensure adherence to current applicable data protection laws, including international data transfer mechanisms (e.g. EU Standard Contractual Clauses (SCCs)), Data Processor Agreements, Data Transfer Agreements, etc.
• Responsible for conducting Data Protection Impact Assessments (DPIAs) and data protection risk assessments
• Responsible for creating and maintaining awareness of applicable data protection legislation, including but not limited to GDPR
• Supports the delivery of training to employees on Data Protection requirements
• Act as key contact for inquiries from external clients and subcontractors, internal key stakeholders providing them with appropriate guidance and advice; liaising with Free2Move Group's Legal Team external lawyers and data protection authorities
• Ensure that the Company's IT systems and procedures comply with data privacy and protection regulations, and policies
• Monitoring of legislative changes to data protection regulations as well as court judgements and ensuring communication to relevant internal stakeholders
• Leads and/or supports the investigation of any data protection violations or related deviations, including handling of data breaches, providing advice to internal stakeholders on responses to clients or employees
• Responsible for advising on and ensuring that Data Subject Rights are granted lawfully
• Working with and coordinating designated privacy law attorneys where necessary to help advise on local data privacy law issues
• Contribute to the deployment of new tools (Legal Tech) and methods for implementing data protection compliance.

Expected skills:

• Masters degree in digital law or business law or German law degree with focus on digital/IT/data protection, indepth knowledge of EU data protection law (GDPR, ePrivacy)
• 4+ years' of relevant postqualification legal experience and strong track record in advising on EU data protection and privacy (GDPR, ePrivacy) with international exposure and implementing data protection compliance management and processes
• Indepth knowledge of relevant EU data protection and privacy regulations and soft law sources (opinions/guidelines of EDPB, local data protection authorities and relevant and court rulings)
• Certifications in data protection and/or GDPR (e.g. CIPP/CIPM/CIPT by IAPP) is a big plus but not required
• Experience working & communicating with data protection authorities is a plus
• S