Data Protection Expert (Openbank in Frankfurt)
Country: Germany
Openbank is the digital bank from Santander Group, the biggest financial entity in the Euro-zone. Openbank is in the middle of a digital transformation, working in start-up format and innovating in core banking product development from within. We want to convey a whole new digital experience to our customers and for that reason we need the most skilled professionals to come and join us. We are looking for a Data Protection Expert to help implementing the following tasks in the German branch in close collaboration with Head Quarter in Madrid.

EXPERIENCE:

• Completed studies with (business) legal orientation or with an IT-technical focus and affinity for data protection-relevant topics (Privacy by Design and Privacy by Default).
• 5- 8 years of Professional experience in the financial services sector or in IT is beneficial.
• Secure knowledge of common software (Microsoft Office, SharePoint, Prime advantageous).
• Structured, independent and goal-oriented working methods, hands-on mentality.
• Ability to communicate professionally and objectively to senior executives and decision-makers in the bank; good presentation skills.
• High level in German and fluent in English. Knowledge of Spanish is an advantage.

• Provide expert advice on important data compliance requirements, including data privacy impact assessments.
• Review privacy flows by design and by default to ensure compliance with data protection regulations.
• Draft new and amend existing internal data protection policies, guidelines, and procedures.
• Monitoring compliance with national data protection regulations, in line with the supervisory program and control framework. The policies of the controller or processor regarding the protection of personal data, the assignment of responsibilities and the corresponding audits.
• Provide guidelines for the conduct of marketing campaigns.(consent/legitimate interest/ etc) and perform controls over this.
• Implement privacy controls to ensure compliance (KPIS).
• Maintain records of all data processing activities of the company.
• Monitor compliance with Openbank’s obligations as a data controller, including choosing only service providers that offer sufficient data protection guarantees. To do this, it will monitor their compliance with the GDPR in accordance with the entity’s supplier approval procedures defined.
• In relation to the rights of data subjects, supervise the compliance by Openbank as data controller of the obligation to provide data subjects with the exercise of their rights, as well as the procedures for their management, ensuring that they are visible, accessible and simple and that the requests are managed in compliance with the deadlines established by the regulations.
• Promotes a culture of data protection within the organization and will contribute to compliance with the implementation of essential elements of the GDPR through training sessions and awareness measures and can also coordinate with other areas such as cybersecurity or risks. Participation in different committees of the entity (Cybersecurity, Product Governance, Compliance, etc).
• Legal assessment from a data protection perspective in the implementation of new challenging projects.
• Draft and negotiate data protection agreement (controller-processor; joint controllership, etc.).
• Draft new and amend existing privacy policies/notices for our customers and cookies policies.