Senior Privacy Counsel - DPO

Summary

Join Pennylane, a fast-growing FinTech company, as their Senior Privacy Counsel - Data Protection Officer. You will play a crucial role in ensuring GDPR compliance across the company. This involves implementing a continuous improvement roadmap, managing a network of GDPR ambassadors, collaborating with product teams on privacy by design, and maintaining up-to-date documentation. You will also conduct legal and technological surveillance, interact with regulators, and handle data subject requests. This is a pivotal role in a rapidly expanding company, offering significant business impact and the chance to shape the future of data protection within a dynamic environment.

Requirements

• Be a lawyer or legal professional with solid experience in personal data protection (at least 8 years) in a high-growth company in a relevant sector, preferably fintech, with a strong product/tech orientation
• Have excellent mastery of personal data regulations and in-depth technical mastery of IT tools and security measures in a SaaS environment
• Be pragmatic, enjoy solving problems efficiently to implement appropriate solutions while constantly seeking simplification
• Have a sense of creativity and ingenuity, a strong business instinct, and work rigorously
• Be able to work on several projects at the same time while having knowledge of the details of each
• Enjoy working in a team, collaborating with other teams, including tech and product teams, and have excellent interpersonal skills
• Have excellent communication and writing skills in French and English
• Enjoy challenges, finding innovative legal solutions to new problems and taking risks to define new practices that meet Pennylane's objectives (even revolutionizing market standards if necessary!)
• Understand business issues and know how to differentiate between what creates value and theoretical legal debates

Responsibilities

• Implement GDPR compliance for all Pennylane processing
• Define a continuous improvement roadmap and implement necessary initiatives autonomously
• Animate the network of GDPR ambassadors, acting as operational relays for the DPO in each department
• Support product teams to integrate Privacy by Design from the design stage of product features, in coordination with the Product Counsel
• Improve GDPR documentation, keeping up-to-date policies, registers, activity reports, and impact analyses
• Define and implement a training program adapted to identified priorities and the challenges of each team, in collaboration with the CISO's team
• Conduct legal and technological monitoring of personal data protection to anticipate regulatory changes and adapt Pennylane's compliance
• Establish a constructive and open relationship with regulators, particularly the CNIL
• Coordinate the management of requests to exercise the rights of data subjects
• Intervene with the Security team on incidents involving personal data
• Negotiate clauses/annexes relating to the protection of personal data in contracts with clients and suppliers to strengthen the legal security and compliance of contracts

Preferred Qualifications

• Experience as a DPO will be highly valued, ideally with a DPO certification
• Experience related to a regulated profession will be a plus
• Speak English (level is evaluated and appreciated according to the department you apply to)
• Appreciate working in a constantly changing environment
• Make collaboration a priority within your team or with other stakeholders
• Have sufficient perspective to prioritize high-impact business actions in your daily activity

Benefits

• One of the best health insurance plans on the market (Alan Blue and Alan Mind)
• Restaurant vouchers (Swile card)
• Between 6 and 12 additional RTT days in addition to the 5 weeks of paid leave
• Opportunity to improve your English with Busuu
• A monthly budget for all Pennylaners, encouraging work from home or in coworking spaces
• Easy access to our offices, located a few minutes from Saint Lazare in the heart of Paris
• A stock option pool envelope
• Access to 8000 gyms throughout France and more than 300 wellness activities via our partner Gymlib
• A Mac
• We practice many sports together and are keen to meet regularly for corporate events such as Tech Days (which allow remote Pennylaners to meet every 3 months) or our annual company seminar, which promotes great moments of cohesion for everyone