Chief Data Privacy Counsel
New York, NY, USA | Colgate-Palmolive
Functions:Legal / Compliance
Job Description:121 people have viewed this job
Responsible for the Compay’s Global Data Privacy Compliance Program, including ongoing review, revision, and implementation.This includes, but is not limited to:
Overall policy and procedure management, including, as applicable, relevant portions of the Code of Conduct and the Global Business Practices Guidelines, and development of training and guidance materials for employees andrelevant third parties, such as marketing agencies and software vendors
Ensuring compliance with all applicable data privacy and security laws, such as the EU General Data Protection Regulation, the California Consumer Privacy Act, as well as other privacy laws in the countries in which Colgate does business
Working closely with key stakeholders such as Corporate Audit and Global Information Security, to review, update and implement an auditing and accountability process to assess and mitigate risks, and ensuring compliance with Global requirements
Serve as the primary Specialty lawyer for Global Information Technology, including:
Working closely with the Chief Information Security Officer to ensure alignment between data privacy and data security policies, practices and tools to ensure the security of the Company’s systems and data, including data provided to and housed by third parties
Providing legal support on all cybersecurity and data breach issues
Providing guidance on the applicable US and foreign laws and regulations related to information technology
Assisting in the review, development, andimplementation of policies and procedures relating to the Company’s information technology resources, including an Incident Response Plan
Remaining abreast of, and provide strategic advice on, industry, commercial and technological developments relating to information technology
Work closely with senior management, including presenting to the Board of Directors, the Enterprise Risk Management Committee, and others as needed, to apprise them of data privacy-related initiatives, project status, and ongoing developments
Provide advice and counsel to the Global Legal Organization (GLO), senior management and other business functions on all data privacy and security issues as they relate to employees, vendors, consumers and customers, including but not limited to:
Changes to privacy laws that impact the Company
Intercompany transfers of employee, vendor, consumer and customer personal data
Individual data privacy-related rights
Breach notification laws
Notification to individuals regarding Company privacy policies
Collection and uses of personal data, including childrens’ personal data
Marketing issues, with a particular focus on Digital Marketing
Third party management
Work closely with Commercial lawyers and Commercial business partners to ensure that contract templates contain adequate data privacy-related terms, and assist with contract negotiations generally
Work closely with Marketing lawyers and Marketing business partners on all aspects of marketing campaigns, with a particular focus on Digital Marketing
Work closely with SITA lawyers and SITA business partners on data privacy and security related aspects of external innovation projects, including connected health-related projects
Assist Corporate lawyers on M&A due diligence for data privacy-related matters
Manage an Associate Data Privacy Counsel and a global team of lawyers on region-specific or project-specific matters related to data privacy on a dotted line basis.
Manage outside counsel on all aspects of data privacy-related matters and oversee outside counsel budgets
Serve as the Company designee for all governmental and regulatory related inquiries and investigations related to data privacy
Requirements for the position:
Undergraduate and JD degrees required; NY Bar Admission
Minimum of8-10 years of legal experience in a law firm or in-house with a strong focus on data privacy, cybersecurity, and digital media issues
Strong legal technical knowledge in counseling clients on all data privacy, technology and cybersecurity matters, both within the US and internationally
Strong analytical, communication and legal writing skills.
Proactively enhance technical expertise by attending external training and reading current legal materials.
Knowledge of consumer products business a plus.
Leadership – Building consensus among disparate stakeholders; being able to persuade effectively.
Relationship Building - Establishing trust; initiating and developing long term relationships and networks to get things done.
Business/Global Perspective - Showing understanding of issues relevant to the broad organization; keeping up to date with current practices and trends; having and using cross-functional knowledge; seeking to understand issues and perspectives of various countries and cultures.
Effective Execution – Balancing speed with quality in achieving goals; simplifying systems and processes to eliminate unnecessary work; delivering against commitments.
Promotes Ethics & Compliance – Actively seeking opportunities to educate business partners about legal and compliance issues related to data privacy; having the necessary courage to raise issues “up the ladder” either within the GLO or to other senior management as necessary and appropriate; understanding his/her special responsibility in matters of ethics and compliance.
Very strong people and leadership skills – the ability to influence others with tact and diplomacy
Very strong communication skills – Ability to work in large, matrixed organizations
Ability to provide practical, executable, business-focused legal and commercial advice
Process-oriented with strong organizational skills