Regional Data Protection Officer, APAC (Data Privacy/ Compliance/ Legal)

The Role:

The Regional Data Protection Officer (DPO), APAC enables the senior management of the APAC region and their teams to define, build, and maintain the appropriate level of data protection and privacy practices, according to applicable laws in the region.

• The role has direct responsibility towards Data Protection/Privacy Organization
• Acts and will be a part of Global Data Protection team
• Manages APAC region: Hong Kong, Taiwan, Singapore, Malaysia, Thailand, India and Australia

Reporting line: Group Data Protection Officer

What you will do:

• Assessing, managing and monitoring compliance of regional activities to applicable data protection and privacy laws
• Lead to update/localize existing group Data Protection policies, standards and procedures to conform to internal best practice and local Data Privacy laws / regulations. Develop missing ones.
• Monitoring compliance with the Global Privacy Program across APAC regions including ensuring adherence to data protection-related policies
• Making filings with, responding to, and act as the contact point for the supervisory authority and maintaining relationships with, data protection regulators across APAC
• Act as a point of contact for data subjects with regards to their requests;
• Generate and regularly update Compliance Management KPIs;
• Advise internal stakeholders on applicable obligations for each existing and new data processing operations, following a “privacy by design / default” approach, providing comprehensive and pragmatic recommendations, as well as draft and review data processing agreements with service providers and partners;
• Inform, empower and raise awareness: carry out or contributes to data protection awareness actions, update and deploy guidelines, policies and procedures and animate the Privacy Community, in close coordination with Group DPO;
• Establish, deploy and maintain documentation under "Accountability", in coordination with the internal stakeholders and Privacy champions. This shall include the record of processing, privacy checklist, data mapping, legitimate interest assessments and PIA (Privacy Impact Assessments);
• Promotion of Group best practices and support operational teams on their requests.
• Participate in the development of our global Data Protection strategy and central global program
• Design and run APAC Data Protection Program, including policies and procedures, and processes and link this with the central global privacy program
• Defining regional-specific policies, standards and training as well as procedures and tools to be operationalized within business units
• Supporting and advising on data protection impact assessments
• Delivering training on privacy, data protection and policy matters to complement and enhance the global privacy training
• Lead investigations on data breaches/incidents in the region
• Collaborate closely with APAC & Group Data Protection team to drive specific top-down policies, trainings, audit, activities, etc.
• Represent the Company as Data Protection subject matter expert.

What we are looking for:

• Bachelor or above in Business Law or Information Technology Law or equivalent
• 8+ years’ experience with significant knowledge and experience in the Data Protection/Privacy with a specific focus on the APAC region
• Considerable experience within the field of data privacy law and compliance, preferably working in a multinational organization.
• Sound knowledge in Personal Data Protection and Privacy Laws, in particular the GDPR, PDPA, PIPA, APP, APPI, and of other major privacy frameworks and legislations in the region;
• Qualification on Data Privacy such as IAPP Information Privacy Professional/Asia (CIPP/A) and Europe (CIPP/E), IAPP Certified Information Privacy Manager (CIPM) or Certified Information Privacy Technologist (CIPP/IT), Fellow of Information Privacy (FIP) or equivalent data privacy qualification
• Ability to provide clear, comprehensive and pragmatic advice, including legal advice, and support with a high degree of professionalism;
• Ability to prioritize and manage risks in fast paced environment;
• Experience with project and/or program management in the privacy area, and in particular understanding and implementing the regional aspects and nuances of a global privacy program.
• Strong understanding and interest in the digital world, including digital security requirements.
• Strong communication skill and teamwork skill, able to effectively communicate with cross-functional teams and vendors, both written and oral communication is critical.
• Curious and motivated, strong interest in privacy, information technology (IT), cybersecurity risks and information security standards. You shall keep your skills and knowledge up to date and strive to improve and constantly enrich them through legal, technological and societal monitoring;
• Excellent interpersonal skills and a team spirit are crucial to work in collaboration with the internal stakeholders, to raise awareness and to be seen as a business partner;
• Excellent oral and written communication in English, excellent drafting skills;
• Ability to analyze and master complexity; detailed oriented
• Strong adaptability is essential to succeed in this position.

What we offer:

• Be part of a growing international beauty group, with the latest acquisitions our portfolio consists of 8 brands.
• A multinational working environment with internal mobility opportunities.
• Monthly staff engagement and sustainability activities.
• Attractive discretionary bonus.
• Quarterly free and monthly discounted products.
• Annual leaves, birthday leave and Relaxing days off (one every 2 months)
• Flexible Work arrangement includes flexible working hours and work from home.
• Medical, Dental and Life Insurance.
• Maternity Leave (up to 20 weeks fully paid) and paternity leave (up to 12 weeks fully paid).

(All personal data collected will be used for recruitment purpose only.)

L’OCCITANE is an Equal Opportunities Employer and is committed to ensuring that factors relating to its employees’ ability to perform workplace responsibilities, and to develop in their employment, are the only ones considered in the decisions about their career with L’OCCITANE.

Building a more diverse and inclusive organisational culture is one of the ways we cultivate change.

This involves building an inclusive workplace that makes our people feel:

• safe from any sort of discrimination or harassment
• respected and valued for who they are as individuals.
• We recruit competent and positive minded people who share our core values entrepreneurship, team spirit, leading by example and authenticity and our commitment to sustainability.