In-House Role - Data Protection & Privacy Lawyer - Global Investment Bank - Contract opportunity
- Recruiter
- Eximius Law
- Location
-
London (Greater)
London (Greater)London (Greater)
- Salary
- Competitive
- Posted
- 15 Feb 2018
- Closes
- 16 Mar 2018
- Ref
- BJDP
- Job Title
- In House Counsel
- Category
- Legal
- Contract Type
- Contract
- Hours
- Full Time
My client is a Tier 1 Investment Bank looking to hire an experienced data protection and privacy lawyer on an initial contract basis.
Key Responsibilities with include -
Jurisdictional coverage will include Europe, Middle East and Africa (EMEA), Asia Pacific including Japan (APAC) and South America focusing on the following specific areas:
- Privacy/Data Protection:
- Advising in relation to the Privacy/Data Protection compliance program in co-ordination with various stakeholders.
- Monitoring legal and regulatory requirements on international, federal and state levels in relation to privacy and data protection.
- Development and maintenance of privacy/data protection policies and procedures.
- Conducting risk and impact assessments of operational practices for consistency with legal, regulatory, policy and procedural requirements.
- Advising on requirements in respect of retention and disposal of personal data.
- Advising on restrictions for marketing, including use of direct marketing or “spam” to ensure compliance with e-mail and telemarketing laws globally.
- Data Location/Data Transfers/Data Disclosure
- Advising on legal and regulatory restrictions in respect of personal data location, cross border data transfers and personal data access restrictions/requirements globally.
- Reviewing and advising on notifications and consents in employee and third party documentation, (including customer terms, website terms, notices and policies), to ensure compliance with privacy and data protection requirements.
- Reviewing and advising on arrangements with affiliates and third party service providers who process personal data globally to ensure compliance with privacy/data protection requirements.
- Monitoring
- Advising on restrictions on surveillance, (including use of CCTV) and monitoring including electronic communications, (e.g. email, sms, IM, telephone and mobile phone), user/personnel activity as well as the use of tracking, such as cookies or similar technology.
- Advising on use of big data analytics, including profiling, predictive analysis and interactions data.
- Requests for Data
- Advising on jurisdictional restrictions in relation to personal data requests.
- Responsible for developing responses in respect of subject access requests, (i.e. individuals exercising their rights under applicable law to access copies of their personal data being processed by the Firm);
- Responsible for developing responses in respect of requests to access data by other third parties, (e.g. foreign regulators or governmental authorities in the context of reviews or investigations).
- Responsible for developing responses to international, federal and state governmental and external client in respect of general inquiries regarding privacy, data security, consumer protection and business continuity.
- Information and IT Security
- Monitoring and advising on international legal and regulatory requirements in respect of Information Security and IT/Cyber Security.
- Development of policies and procedures for safeguarding of Firm and client information consistent with legal and regulatory requirements.
- Review and advising on information/IT/cyber security incidents, including cyber security/data leakage events, escalation, remediation and notification obligations to regulators and third parties to ensure compliance with applicable laws and regulations.
- Providing input in respect of Information and IT Security training.