- Company Name
- Richemont
- Job Title
- Data Protection & Privacy Analyst
- Job Description
-
Job title: Data Protection & Privacy Analyst
Role Summary:
Serve as the central coordinator for the Group’s data protection and privacy initiatives, linking legal, technology, risk, and business units to ensure compliance with global privacy regulations and internal policies.
Expactations:
Deliver timely and accurate privacy documentation, support legal and regulatory matters, manage privacy‑related technology solutions, and provide proactive, solutions‑focused advice to stakeholders.
Key Responsibilities:
- Update and maintain Records of Processing Activities (ROPA) for global and local systems, including unstructured data.
- Define, document, validate, and implement Data Protection Impact Assessments, Legitimate Interest Assessments, and Transfer Impact Assessments, ensuring process improvements and ongoing compliance.
- Manage data subject request workflows (access, erasure, corrections) and document responses at the Group level.
- Coordinate data retention analysis and enforce storage‑limitation principles across processing activities.
- Act as liaison between Group Functions (Technology, Data, Security, HR, Marketing, Communications) and Maison teams to embed privacy compliance into all platforms and digital initiatives.
- Draft and review privacy‑related memos, guidelines, business rules, and processes in collaboration with Group Maisons and central legal.
- Monitor and assess privacy compliance risks, prepare and adhere to Group policies and procedures, and contribute to knowledge‑management resources.
- Participate in and sometimes lead legal‑operations‑related projects and training initiatives for internal staff on privacy best practices.
- Respond to privacy incidents, conduct root‑cause analysis, and draft communications to clients and regulators.
- Stay current on privacy legislation, emerging technologies (AI, blockchain), and industry trends, especially within the luxury sector.
Required Skills:
- Strong stakeholder‑management and communication abilities (written and oral).
- Proactive, results‑oriented, and capable of working independently in a team environment.
- Business acumen, commercial awareness, and familiarity with privacy‑related technology solutions (e.g., OneTrust).
- Ability to interpret and apply regulatory requirements across multiple jurisdictions.
- Experience managing cross‑functional projects and coordinating with external counsel.
Required Education & Certifications:
- Bachelor’s degree in Law, Business, Computer Science, or related field.
- Preferred privacy certifications: CIPP/E, CIPM, or equivalent.
- Prior experience in a compliance, business legal, or privacy‑specific role is required.
---