The Group Data Protection Officer (DPO) will be responsible for overseeing the Group’s data privacy and compliance programmes. The role is appointed pursuant to the General Data Protection Regulation (GDPR) which comes into force on 25 May 2018 and the initial priority will be to refine and execute the Group’s GDPR project plan.
Data Protection Officer for the Group (which includes GlobalData PLC, Compelo Limited any other subsidiaries or companies under the same common control) shall include the following responsibilities:
- manage Group compliance with data protection laws and policies through business managers and champions;
- inform and advise on data protection laws and policies;
- create and maintain data protection policies and procedures;
- monitor compliance with data protection laws and policies;
- oversee the maintenance of records required to demonstrate data protection compliance;
- supervise and advise on data protection impact assessments and develop and execute relevant project plans;
- manage a program of awareness-raising and training to deliver compliance and to foster a data privacy culture within the Group;
- review DP clauses in client terms and supplier contracts.
- lead a data incident response and data breach notification procedure;
- be the contact point with and co-operate with the relevant Data Protection Authorities and to data subjects when exercising their individual data rights as well as supervise and advise on the response to such requests;
- Provide updates on the data protection compliance programme to the Board and Management Team as appropriate.