Minor Hotels is an international hotel owner, operator and investor, currently with a diverse portfolio of over 530 properties designed intelligently to appeal to a variety of travellers, serving new passions as well as personal needs. Through our Anantara, Avani, Elewana, Oaks, NH Hotels, NH Collection, nhow and TIVOLI properties, Minor Hotels operates in 50+ countries across Asia Pacific, the Middle East, Africa, the Indian Ocean, Europe and South America.

You will be responsible for implementing and maintaining a data governance and privacy program at Minor Hotels. Working with a multidisciplinary team you will develop and promote the responsible use of data without losing sight of commercial interests and goals. You will be expected to liaise with stakeholders and be part of transformation efforts to drive the company to mature as a data driven organisation. Furthermore you will take responsibility for the data protection program throughout Minor Hotels in corresponding jurisdictions. As a subject matter expert you will enhance the data privacy and governance culture to achieve business objectives.

• A Bachelor’s Degree in business or data governance or computer science.
• Experience in data management, governance and privacy program management.
• Prior experience in the hotel or travel industry ideal.
• Fluency in written & verbal English is essential. Spoken and written Thai capabilities preferred.
• Ability to thrive in an international environment.
• Possesses or willing to obtain certifications in data management such as DAMA CDMP and data privacy such as IAPP CIPM  or CIPP/E or CIPT.
• Experience capturing data requirements for large scale transformation programmes, through working with a broad range of stakeholders, running workshops and managing teams.
• Extensive experience in defining, designing and implementing policies, standards, guidelines, tools, metrics and standards for data management and governance frameworks.
• Excellent analytical, problem solving and project management skills.
• Strong analytical skills are a must. Ability to work well under pressure and effectively handle multiple, concurrent demands and appropriately prioritize responsibilities.

DATA PRIVACY

• To lead the Data Protection Program within own Group, and provide guidance, and work closely with the Business Units on getting and staying compliant with the data protection laws, and being a point of contact withing own Group for all data protection matters and inquiries.
• To communicate progress and escalate challenges to the Data Protection Office and align directions with the Data Protection Office regarding the Data Protection Program.
• To ensure that the Data Protection Program delivery is on time, on scope, and to the required quality and standard.
• To lead the design of remediation plans and lead the implementation with the support from the Data Protection Office.
• To communicate the progress of remediation plan and escalate challenges directly to the Data Protection Office through the progress update meetings.
• To maintain and update RoPAs of own Group where needed.
• To initiate and/or update the drafts of documents related to the personal data for the legal team’s review.
• To roll out and maintain the documents related to the personal data such as privacy statements and consent forms for each type of data subject, DPAs, DSAs, policies and procedures, etc.
• To guide and work closely with the Business Units of own Group in responding to the data subjects’ requests.
• To investigate and mitigate the risks associated with data protection. This includes coordinating handling of breach incident, conduct of Personal Data by Design and DPIA with the support from the Data Protection Office.
• To initiate, maintain, review and adjust security measures for personal data in any forms, mitigating potential data protection risks.
• To ensure that all documents related to the personal data are properly signed according to the data protection laws and Minor’s internal policy.
• To provide support on training contents to the Data Protection Office, including coordinating with HR to roll out relevant training programs within own Group and monitoring progress in order to provide updates to the Data Protection Office.
• To be extensively equipped with the knowledge of data protection laws and business operations of own Group.
• To provide support and cooperation to the Data Protection Office with any inquiries from various data supervisory authorities.

DATA GOVERNANCE

• To be actively engaged in the Data Council to create data standards/ business rules/ procedures/ policies for organization/ enterprise-wide data.
• To represent business interests in approving best practices, tools, resources to be used to ensure set deliverables for data related projects.
• To establish and oversee the initiatives of the data governance program at a strategic level, identify data governance projects and set goals for the program, oversee progress.
• To assist in the resolution of data issues and to communicate decisions made in the Data Council, DPEC and other related working groups towards the organization and their own functional/ business area.
• To promote the objectives and importance of the governance program. Inform stakeholders of decisions, action items, and scope of work (including standards, policies, guidelines, etc.).
• To advocate the benefits of the data governance program to create awareness, understanding, and financial support.
• To create a data centric culture where data is everyone’s responsibility.
• To develop training and development initiatives to enhance data literacy and culture.
• To ensure data is treated as an asset by providing meaningful reporting and measurement on its value to the enterprise to ensure it is managed accordingly.
• To facilitate with stakeholders to promote data democratisation and ensure data is accessible to users to perform their functions and duties.
• To help Minor Hotels commercial teams to ensure Data is defined consistently throughout the operations and aligned to enterprise definitions, and the definitions are understandable and available to all users
• To liaise with cybersecurity and data operations teams to ensure controls are put in place so that data is protected from unauthorized use and disclosure
• To support and promote the use of data to enhance the BU’s performance top line and bottom line.