Data Privacy Lead/PIPO, Greater China
Mondelēz InternationalJob Description
Advising, developing and Implementing measures and a privacy governance, data and privacy protection framework to manage and protect personal information in compliance with the local regulation, including developing and maintaining various data governance policies, SOP, process, templates for data collection, assisting with data mapping, and vendor management reviews.
Working with key internal stakeholders in the review of digital projects, new technologies/solutions and related data to ensure compliance with local data privacy laws, and where necessary, complete and advise on privacy impact (PIA) and cross-border data transfer (CBDT) assessments.
Reviewing various contracts (incl. both MDLZ templates and non-templates), MDLZ privacy notice, standard files, T&Cs, and consents needed to implement projects in partnership with Procurement, local Legal and MDS, and ensuring filing requirements with local regulators are achieved.
Monitoring changes and provide advice with respect to data privacy, data security and cyberlaw issues and working with the AMEA Data Privacy Lead and BU Counsel to understand localization requirements to set local standards and review local policies and procedures and make sure local regulatory requirements are met.
Collaborating with the MDS, develop and/or localize training materials with connection to data privacy and security and provide training on the subject matter, to raise employee awareness.
Serving as the primary point of contact, responsible person and liaison for the China Supervisory Authority on all data protection-related matters which are required under the local data protection laws, including being responsible for managing and coordinating regulatory filings, data incident responses, complaints and privacy compliance reviews.
Establish, maintain and update the list of personal information held by the BU (including the type, quantity, source and recipient of personal information, etc.) and authorized access strategies, and comprehensively coordinate and implement personal information security and take direct responsibility for personal information security for BU.
Collaborating with MDS to maintain records of all data assets and exports and maintaining a data security incident management plan to ensure timely remediation of incidents, including impact assessments, security breach response, complaints, claims or notifications, and responding to subject access requests (SARs).
More about this role
3+ years' experience in reputable law firm, Big 4 and/or MNCs, including minimum
2 years of China data privacy laws and and ideally practical experience dealing with local privacy authorities, local data privacy office filings and regulatory issues.
No Relocation support available
Business Unit Summary
Mondelēz International entered the China market in 1984. Headquartered in Shanghai, Mondelēz Greater China is a leading company in the snacks business, including biscuits, Chocolate, candy & gum, and beverages. With over 4,000 employees, Mondelēz has established manufacturing plants in East, South and North China as well as a Global Biscuit R&D Technical Center in Suzhou. The Chinese name Yi Zi (亿滋) represents the company’s vision to bring an abundance of deliciousness to consumers.
Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.