Data Privacy Manager
Clifford Chance is one of the world's leading law firms, helping clients achieve their goals by combining the highest global standards with local expertise. The firm has unrivalled scale and depth of legal resources across the three key markets of the Americas, Asia and Europe and focuses on the core areas of commercial activity: capital markets; corporate and M&A; finance and banking; real estate; tax; pensions and employment; litigation and dispute resolution.
The successful candidate will become a member of the global Firm's small core Risk team which is managed by the global General Counsel and based in London, taking instruction on a day to day basis from the Head of International Compliance and ultimately reporting to the global Data Protection Officer/Director of Regulatory Risk.
Complete the inventory of all the Firm's personal data processing projects processes and systems and maintain this inventory as an internal registerCarry out a global Data Protection audit and provide recommendations to the Head of International Compliance in order to make the Firm fully compliant with relevant legislation, particularly the General Data Protection Legislation
- Support the Head of International Compliance in:
o maintaining the Firm's global Data Protection framework;
o reviewing and updating the Data Protection policies and procedures;
o disseminating new guidance on Data Protection to all staff and partners
- Monitoring the implementation of Data Protection standards, policies and procedures within the Firm
- Carrying out Privacy Impact Assessments on all systems processing personal data from time to time
- Conducting frequent audits of data for compliance purposes
- Manage the 'DP Health Check' self certification process
- Ensuring that the Data Protection aspects are properly covered in the governance documents of all systems processing personal data
- Monitor, annually review and amend as appropriate the Firm’s UK DP registrations and notification(s) and monitor and assist with such notifications outside the UK, as applicable
Provide a central point of contact and specialist advice for the London office, liaising as appropriate with London office senior management
Handle complaints and queries from Data Subjects and Subject Access Requests
Provide formal compliance reporting to the Head of International Compliance
Liaising with Data Protection experts and DP contacts in overseas offices to ensure Firm-wide compliance
Providing advice on projects and act as the main point of contact for Data Protection issues for the
Global Programme Group
Providing Data Protection advice, support and regular training
Review DP clauses in Client terms and supplier contract
- Project management/organisational skills – able to run multiple initiatives in parallel.
- Ability to research and quickly digest new and emerging Data Protection rules and provide practical and commercial advice on their implications.
- Compliance and risk management exposure at a senior level for an international organisation.
- Practical experience in the area of data privacy and protection in both the UK and foreign jurisdictions.
- Legal and regulatory awareness.
- Understanding of systems and processes involved in gathering, storing, transferring and collecting data in an international context.
- Strong academic background. Post graduate certification in one or more of data privacy, legal/compliance, accounting/business, information technology desirable.
- Legal qualification preferable.
It is the Firm's policy to treat all employees and job applicants fairly and equally regardless of their gender, marital or civil partnership status, race, colour, national or ethnic origin, social or economic background, disability, religious belief, sexual orientation, or age. Furthermore, the Firm will ensure that no requirement or condition will be imposed without justification which could disadvantage individuals purely on any of the above grounds.
The policy applies to recruitment and selection, terms and conditions of employment including pay, promotion, training, transfer and every other aspect of employment.
The Firm will regularly review its procedures and selection criteria to ensure that individuals are selected, promoted and otherwise treated according to their relevant individual abilities and merits.
The Firm is committed to the implementation of this policy and to a programme of action to ensure that the policy is, and continues to be, fully effective. All staff are required to comply with the policy and to act in accordance with its objectives so as to remove any barriers to equal opportunity. Any act of discrimination by employees or any failure to comply with the terms of the policy will result in disciplinary action.