PwC utilise des cookies pour personnaliser votre visite et vous assurer une meilleure expérience sur notre site. En continuant, vous acceptez notre utilisation des cookies. Pour en savoir plus, cliquez ici.

Data Privacy Office

Secteur : Pharmaceutical laboratory

Lieu : Paris

Référence du poste : 1680
Date de l'offre : 08/12/2017

Description du poste

a Pharmaceutical laboratory recruits a Data Privacy Office.

Stakeholders:- Data Privacy Authorities (CNIL and foreign equivalent)- Professional organisations incl. IAPP, EFPIA, AFCDP


The designation of a Data protection Officer is required by Art. 37 of the EU General Data protection Regulation (GDPR).

The main tasks of the DPO are described in Art. 39 of same GDPR (reproduced below)

Tasks of the data protection officer

1. The data protection officer shall have at least the following tasks:

1. to inform and advise the controller or the processor and the employees who carry out processing oftheir obligations pursuant to this Regulation and to other Union or Member State data protection provisions;

2. to monitor compliance with this Regulation, with other Union or Member State data protectionprovisions and with the policies of the controller or processor in relation to the protection of personal data,including the assignment of responsibilities, awareness-raising and training of staff involved in processingoperations, and the related audits;

3. to provide advice where requested as regards the data protection impact assessment and monitor itsperformance pursuant to Article 35;

4. to cooperate with the supervisory authority;

5. to act as the contact point for the supervisory authority on issues relating to processing, including theprior consultation referred to in Article 36, and to consult, where appropriate, with regard to any othermatter.

2. The data protection officer shall in the performance of his or her tasks have due regard to the risk associatedwith processing operations, taking into account the nature, scope, context and purposes of processing


- Design and implement a Company’s privacy and personal data strategy, policy and governance, organize and chair the DataPrivacy Steering Committee in this respect;

- Lead the implementation of the action plan of compliance of the group’s activities with GDPR regulation and other privacyregulations applicable outside Europe, in cooperation with ITS Department and the Global Functions and Global BusinessUnits as relevant and proceed with any adjustments to the plan deemed necessary;

- Consolidate and develop the data privacy network within the Company (privacy champions, local privacy officers orequivalent)

- Coordinate with DPOs dedicated to a specific GF, if any;

- Ensure consistency of implementation of the Company’s privacy policies;

- Develop and deploy, or assist in developing and deploying, policies, procedures, guidelines and other tools incl. IT requiredfor compliance with GDPR and the Company’s global privacy policy;

- Act as the contact point for the lead Data Protection Authority (CNIL) on issues relating to personal data processing for theCompany; interact with other local Data Protection Authorities as needed;

- Act as the contact point for data subjects with regard to all issues related to the processing of their personal data and the exercise of their rights;

- Build and implement an awareness program through communication and trainings;

- Provide advice on data privacy related matters to business and relevant stakeholders, in coordination with relevant expertise, legal or otherwise;

- Carry out Privacy Impact Assessments and assist data controller in PIA.

- Manage and develop the Data Privacy team

Profil recherché

Expérience : 10 years’ experience in privacy and personal data protection in a global company, an international privacy consulting or law firm(previous experience in the health sector highly appreciated)


- In-depth knowledge of the GDPR;- Strong knowledge and interest in IT, digital and new technologies;

- Solid experience in project management and change management;

- Excellent problem-solving skills and business acumen;

- Ability to lead, engage and work transversally;

- Excellent writing and communication skills;

- Fluent in English and French.


- Master in Law or in Privacy (alternatively in IT);

- Privacy certification (CIPP, etc.) appreciated;


Véronique Abéla
Tél. : + 33 1 56 57 19 25
Céline David
Tél. : + 33 1 56 57 11 95

Adresse email 
Mot de passe 
Mot de passe oublié ?