Job Ref: 214484959

Date: 2021-08-20 15:46:32

Apply Now

bp pulse is a rapidly growing customer facing business handling increasing volumes of customer and employee data. Bp pulse has traditionally been supported by bp’s central data privacy team and external advisors in relation to data privacy matters. As the company prepares for a significant scale-up, a full-time data protection officer is now required to be responsible and accountable for actively monitoring and managing data protection compliance, developing, and enforcing company policy in this area in line with bp’s global privacy programme and developing and managing an ongoing data protection compliance programme.

Key Responsibilities:

* Ensure that data protection compliance measures are appropriate for the company now and evolve with the company as it grows and remain aligned with future strategy.

* Defined point of contact for data protection matters, provide day to day advice to bp pulse employees on data privacy issues and enable effective and efficient implementation of data protection compliance measures.

* Create and maintain a robust training and awareness programme for the company in line with bp’s global data privacy awareness programme.

* Prepare for and respond to incidents involving personal data.

* Report to and surface data privacy matters to the Senior Leadership Team.

* To be registered as the Data Protection Officer for bp pulse with the ICO.

Tasks:

* Develop and define bp pulse’s privacy governance programme and framework, including producing and implementing a suite of policy documents as appropriate.

* Carry out bespoke privacy and data protection training to upskill colleagues in key departments to raise awareness of data privacy issues and to empower them to take responsibility for data protection in their roles.

* Co-ordinate and deliver training as the subject matter expert to both new joiners and refresher training for all staff as part of such an ongoing training programme.

* Promote awareness-raising to create a positive risk and ‘data privacy aware’ culture, acting as an advocate and ambassador of bp pulse’s data protection compliance programme across the business and pushing for the delivery of its objectives. Developing privacy awareness-raising initiatives (including the use of internal collaboration tools) within the company.

* Advise, support and challenge the business in relation to data protection matters, and hold the business to account on its data protection responsibilities, whilst adopting a commercial and risk-based approach, acting as a business enabler. Ensure that the Senior Leadership team understand the company’s obligations with regard to compliance with the EU GDPR and related privacy legislation.

* Attending project meetings from the outset and working with key stakeholders such as data architects, IT/Digital Security and the delivery teams on the design of new digital products, IT systems, software and any other projects involving the use, handling, storage and transfer of personal data. This would for example involve ensuring that (i) the projects/products give effect to individuals’ privacy rights of access and erasure; and (ii) that there are suitable data retention periods and system access controls in place.

* Deal with privacy-related enquiries from employees, customers and other stakeholders and managing the bp pulse data privacy mailbox.

* Liaise and work closely with bp’s Central Data Privacy Team, particularly on wider bp data protection compliance initiatives and training programmes which could benefit bp pulse

Apply Now