About RX Global
RX is in the business of building businesses for individuals, communities and organisations. We elevate the power of face-to-face events by combining data and digital products to help customers learn about markets, source products and complete transactions at over 400 events in 22 countries across 43 industry sectors. RX is passionate about making a positive impact on society and is fully committed to creating an inclusive work environment for all our people. RX is part of RELX, a global provider of information-based analytics and decision tools for professional and business customers.www.rxglobal.com
RELX is a global provider of information-based analytics and decision tools for professional and business customers. The Group serves customers in more than 180 countries and has offices in about 40 countries. It employs over 33,000 people, of whom almost half are in North America.
This position will report to the Data Protection Officer/Global Director of Privacy and is based in our office in Richmond, Greater London, UK
Job Purpose: With your experience and knowledge of privacy and data protection in multiple jurisdictions, together with your keen interest in data and innovation within the events (or similar) industry, you will support the organisation in meeting our compliance, legal and ethical standards across our EMEA, APAC and Americas markets.
As a leader within the Global Privacy Office and the wider RX Compliance team, you’ll play an important part in upholding RELX and RX’s privacy and data protection compliance policies, principles and standards. As Deputy Data Protection Officer, you will report to the Data Protection Officer (DPO) and will lead a team of Regional and Global Data Protection Managers and Paralegals who assist the business in navigating our legislative requirements including GDPR, ePrivacy, CCPA, CPRA, LGPD, POPIA and PDPA.
Supporting the DPO in the development and maintenance of the RX Privacy Centre of Excellence by:
- Implementing and regularly review of the Global Privacy Strategy and the Global Privacy Compliance Programme, ensuring that both accurately reflect the global compliance requirements and commercial activities of the business;
- Managing a team of privacy SMEs, ensuring that risks and safeguards are appropriately identified, accurate and timely advice is issued, and the appropriate support is provided to the business at all times;
- Measuring and tracking global privacy compliance activity within the business, and communicating compliance status to the DPO, the relevant Business Unit Senior Risk and Compliance Owner, the Senior Leadership Team, internal Legal Counsel and other key stakeholders;
- Overseeing the management of the Global Rights Centre, ensuring that the process and resourcing are effectively managed, and requests are completed to the required standard and on time;
- Developing and delivering accessible privacy compliance training, policies, toolkits, and guidance that reflect the relevant privacy and data protection compliance requirements globally;
- Reviewing Data Protection Impact Assessments (and other privacy reviews) to assess the impact of proposed changes to personal data processing activities globally, and agree appropriate mitigating actions with the deploying business unit or function;
- (In consultation with internal counsel) reviewing and drafting privacy notices and supplementary notices relevant to specific processing activities;
- Creating and implementing the RX Global Privacy Audit Programme; and
- Staying informed on the evolving privacy and data protection landscape to (a) understand the potential impacts on the services provided by Reed Exhibitions; and (b) to design and implement the necessary corrective actions in relation our current operations, processes and tools to remain compliant.
Ideal Candidate Profile
The business is looking for a candidate with extensive data protection knowledge and experience in a commercial environment. Such knowledge and experience should include:
- At least 5+ years of dedicated working knowledge, and real-world experience of data protection and privacy law, in particular those laws relevant to the EMEA, APAC and Americas markets;
- Exceptional interpersonal, communication and negotiation skills. With these skills you have an excellent track record of building / supporting a culture of privacy within a commercial environment and create buy-in with all levels of the organisation;
- Pragmatic solution finder: your default position should not be ‘no’;
- The ability to analyse legislative requirements and relate these to organisational practices and solutions;
- Experience in applying privacy in the context of marketing, sales, e-commerce and virtual / online platforms;
- A highly visible champion in the business with a ‘can do’ attitude and enthusiasm that inspires others;
- Ability to move at pace and use different improvement strategies appropriate to the scope of work;
- Ability to appropriately take control and exercise leadership;
- Well organised and efficient, with the ability to multi-task and meet tight deadlines;
- Strong ability to work effectively and supportively within a global team and organisation;
- Experience in using and navigating OneTrust and Data Guidance;
- Always willing to accept and share knowledge, which includes undertaking any additional training that may be offered / required to fulfil the requirements of the role; and
- Ability to travel globally as needed.
- Commercially sensitive
- Responsive and service-oriented
- Organised / process driven
- Attentive to detail and accuracy
- Cooperative (low ego), supportive, collaborative and flexible
- University degree or equivalent, plus 5+ years working in privacy / data protection roles in a commercial environment.
- Fluency in English is required; fluency in French, German, Chinese, Japanese, Portuguese or Spanish is desired.
- CIPP/E, CIPP/US, CIPP/M, CIPP/T, CIPP/A or other officially recognised privacy certification is sought of the preferred candidate.