London, Greater London
Contract, Full time
Competitive day rate
Data Protection and Privacy Lawyer
My client is a Tier 1 Investment Bank looking to hire an experienced data protection and privacy lawyer on an initial contract basis.
Key Responsibilities with include:
Jurisdictional coverage will include Europe, Middle East and Africa (EMEA), Asia Pacific including Japan (APAC) and South America focusing on the following specific areas:
- Advising in relation to the Privacy / Data Protection compliance program in co-ordination with various stakeholders.
- Monitoring legal and regulatory requirements on international, federal and state levels in relation to privacy and data protection.
- Development and maintenance of privacy/data protection policies and procedures.
- Conducting risk and impact assessments of operational practices for consistency with legal, regulatory, policy and procedural requirements.
- Advising on requirements in respect of retention and disposal of personal data.
- Advising on restrictions for marketing, including use of direct marketing or spam to ensure compliance with e-mail and telemarketing laws globally.
Data Location/Data Transfers/Data Disclosure:
- Advising on legal and regulatory restrictions in respect of personal data location, cross border data transfers and personal data access restrictions / requirements globally.
- Reviewing and advising on notifications and consents in employee and third party documentation, (including customer terms, website terms, notices and policies), to ensure compliance with privacy and data protection requirements.
- Reviewing and advising on arrangements with affiliates and third party service providers who process personal data globally to ensure compliance with privacy/data protection requirements.
- Advising on restrictions on surveillance, (including use of CCTV) and monitoring including electronic communications, (e.g. email, sms, IM, telephone and mobile phone), user/personnel activity as well as the use of tracking, such as cookies or similar technology.
- Advising on use of big data analytics, including profiling, predictive analysis and interactions data.
Requests for Data:
- Advising on jurisdictional restrictions in relation to personal data requests.
- Developing responses in respect of subject access requests, (i.e. individuals exercising their rights under applicable law to access copies of their personal data being processed by the Firm);
- Developing responses in respect of requests to access data by other third parties, (e.g. foreign regulators or governmental authorities in the context of reviews or investigations).
- Responsible for developing responses to international, federal and state governmental and external client in respect of general inquiries regarding privacy, data security, consumer protection and business continuity.
Information and IT Security:
- Monitoring and advising on international legal and regulatory requirements in respect of Information Security and IT / Cyber Security.
- Development of policies and procedures for safeguarding of Firm and client information consistent with legal and regulatory requirements.
- Review and advising on information / IT / cyber security incidents, including cyber security/data leakage events, escalation, remediation and notification obligations to regulators and third parties to ensure compliance with applicable laws and regulations.
- Providing input in respect of Information and IT Security training.
For more information, contact Miriam.Warburton@eximius.com or 0207 648 6954.
Click on the images to connect with Miriam on Linkedin.
Lawyer, data protection lawyer, privacy lawyer, data protection and privacy