Digital, AI and Privacy Legal and Compliance Manager Germany (m/f/d)

About this role

Responsibilities

• Drive the deployment of the enterprise-wide data ethics and privacy compliance program in line with all GSK’s internal policies, regulations and timelines.
• Support the VP, Head of Digital, Privacy and Cybersecurity to deploy the DPC strategy by working with the local Legal and Compliance teams to ensure a consistent global approach of digital and privacy strategy, while taking into account the complex global legal landscape of digital, privacy and cyber laws.
• Support global initiatives led by the VP, Head of Digital, Privacy and Cybersecurity and the AGC, Global Data Ethics and Privacy Lead, EU Data Protection Officer.
• Partner with Compliance Officers to report on progress and gaps to the Risk Management Compliance Boards.
• Partner with Local Legal teams to lead interpretation of local privacy, AI, digital and cybersecurity regulations.
• Support global review of GSK written standards including the privacy policy, standards, tools and standard operating procedures, including leading on any country-specific content and requirements that need to be addresses for local deployment of the privacy operating model.
• Review the role-based target audience for training.
• Manage local process owners and third-party managers in the principles of privacy by design and perform privacy impact assessments.
• Support the closure of local Corrective and Preventative Actions.
• Consult, seek advice, and provide support to the AGC, Global Data Ethics and Privacy Lead, EU Data Protection Officer.
• Respond to inquiries and complaints from data subjects.
• Support AGC, Global Data Ethics and Privacy Lead, EU Data Protection Officer to notify the Data Privacy Authority of breaches within applicable timeframes.
• Review changes to local privacy laws together with the legal counsel and support local corrective and preventative action plan remediations.
• Educate others on country-specific privacy risks.
• Share and gather good practices from your country with the broader Digital, Privacy and Cybersecurity team.
• Oversee GSK’s compliance with the enforcement of individual rights under local data protection and privacy laws.
• Stay current on emerging technologies, new and proposed laws, and other developments, as well as best practices and trends in the digital and privacy space, and act on opportunities to shape the external environment.
• Play a key role in contributing to creation and management of digital and privacy templates, training and education programs and DPC “Cheat Sheets”.
• Contribute to shaping the future strategy of the Digital, Privacy and Cybersecurity team in line with the global business approach to its digital transformation and focus on putting digital innovation at the heart of its business
• Why you?
• Basic Qualifications:
• We are looking for professionals with these required skills to achieve our goals:
• This is a broad role requiring significant analytical and problem-solving acumen. A high level of expertise is required to be prepared to advise real-time on digital and privacy initiatives for GSK.
• Master’s degree or Law degree plus significant years post-qualification experience in the areas below.
• Privacy CIPP or similar qualification.
• Highly proficient with data privacy laws and regulations, plus relevant work experience in managing data privacy matters, GDPR, e-Privacy Directive and other global privacy and data regulatory frameworks;
• Digital advertising standards and requirements in Europe
• Preferred Qualifications
• :
• If you have the following characteristics, it would be a plus:
• Motivated self-starter with ability to excel at multi-tasking in a fast-paced environment.
• Superior time management, planning, and organizational skills.
• Strong analytic capabilities, written and oral communication skills.
• Exceptional interpersonal skills with proven experience in relationship building and partnering.
• Must work well in both team and individual settings.