Data Protection Officer
- Full-time
Company Description
Eat 'N’ Go Limited is a restaurant group on a mission to become the premier food operator in Africa. So far, our growing family consists of three international brands, Domino's Pizza, Cold Stone Creamery & Pinkberry.
Eat ‘N’ Go limited officially started operation in August 2012 with the premier store at 4, Saka Tinubu Victoria Island, Lagos. Today, Eat N' Go has about 100 stores (outlet) across Nigeria and still growing.
Job Description
The Data Protection Officer of Eat N Go will perform the responsibilities of a DPO as defined in Article 4.1 of the NDPR, including the following:
• Informing and advising the Company and work with the Group Compliance Manager and Group CTO to carry out data processing operations about their obligations under the NDPR and any applicable data protection laws.
• Monitoring compliance with Compliance Manager by the Company with the NDPR and any other applicable data protection provisions.
• Monitoring the strategies of the Company in conjunction with Group CTO & Group Compliance Manager for the protection of personal data, including the allocation of responsibilities, awareness-raising and training of personnel involved in the processing operations, and related verifications.
• On request, advising the Company in connection with Data Privacy Impact Assessment (DPIA) and implementations thereof, pursuant to Article 4.5 of the NDPR.
• Ensuring the cooperation of the Company with the regulatory agencies in respect of issues related to data privacy and protection.
• Serving as a contact point for the regulatory agencies on issues related to personal data processing, including prior consultation on DPIA pursuant of Article 4.5 of the NDPR and, where appropriate, advising on all other issues related to data protection and privacy; and
• Acting as a contact point for the exercise of rights of data subjects under Article 3.1 of the NDPR and advising the Company on the processing of their inquiries related to data processing activities.
• The Data Protection Officer function overlooks data protection compliance in an organization. Maintaining records of processing of personal data, takes lead in developing data protection and related policy and procedures. The DPO becomes a bridge between various disciplines within the group analyzing how the results of data protection schemes may impact the organization.
•Regular review and managing the processes through which the company seeks, records, and manages the consent of Data Subjects to ensure compliance with NDPR data privacy clauses
• Review the data privacy practices of third-party data processors periodically to assess compliance with data protection clauses in NDPR and various contracts.
• Regular training of company personnel who collect and/or process personal data on their role and responsibilities under the NDPR.
• Ensuring departments comply with development and management of documents of the various data processing activities they carry out.
• Development and management of the policy to deal with subject access requests made by Data Subjects. Monitoring and prevention of any data breaches, and detected, reported, and investigated in coordination with Cyber/network security team.
• Overseeing ENG Group NDPR/GDPR data privacy and policy framework.
• Experience in dealing successfully with different business cultures and industries.
• Ensuring that data protection training of employees and company-wide is conducted annually; liaise with the training department (LOC & HR) to include same in their content for the New Team-Members Orientation (NTO) and Marketing team
Qualifications
· LLB. in Law, (LLM will be an added advantage)
. Privacy Certification is a MUST
·Minimum of 2 years’ experience is required
· QSR/Retail experience is a plus
· Significant experience in global privacy laws, including drafting of privacy policies, technology provisions, and review agreements.
· Demonstrated leadership skills achieving stated objectives involving a diverse set of stakeholders and managing varied projects.
·Have excellent negotiation skills to interface with Nigeria Data Protection Bureau and Auditors on behalf of the company.
·Demonstrated client relationship skills to continuously coordinate with data controllers.
• Communication skills to speak with a wide-ranging audience, from the board of directors to data subjects, from managers to IT staff and lawyers.
Additional Information
Only Qualified candidates will be contacted