Data Protection Officer

To be accountable for and oversee data protection in Hungerstation in compliance with the data protection laws and to be the central point of contact for implementation projects regulator engagement and strategic privacy questions.

Key Accountability Areas

Personal Data Protection

• Collaborate with Hungerstation senior management Legal and Cyber Security teams to implement the Hungerstation data protection and AI compliance program aligned with the global Delivery Hero privacy strategy.
• Act as a point of contact for the Saudi Data & AI Authority (SDAIA) and other regulators in the Kingdom of Saudi Arabia.
• Align policies practices and procedures as well as investigations and assessments with internal stakeholders.
• Promote a privacy-oriented corporate culture and ensure continuous training and awareness measures at Hungerstation.
• Lead Hungerstations data governance program with a strong focus on data classification and enabling the exercise of data subject rights.
• Monitor and update Hungerstations records of personal data processing activities.
• Support and advise the business and operational teams on data protection-related matters.
• Perform privacy assessments and audits in alignment with the Personal Data Protection Law of the Kingdom of Saudi Arabia (PDPL) requirements and global Delivery Hero standards.
• Internal and external reporting of compliance KPIs
• Provide support and advice regarding all aspects of Personal Data Protection including contributing to developing policies and internal procedures related to Personal Data protection.
• Participate in awareness activities training and transfer of knowledge regarding Personal Data protection and compliance with provisions of the Law Regulations and ethics of data handling.
• Contribute to reviewing plans of response to Personal Data Breach incidents and ensure that such plans are adequate and effective.
• Prepare periodic reports regarding activities related to the processing of Personal Data and providing recommendations to ensure compliance with provisions of the Law and its Regulations.
• Maintain the confidentiality of Personal Data and its level of sensitivity based on its classification and relevant regulatory requirements to determine the adequate level of protection and processing mechanism.
• Monitor the SDAIAs issued laws regulations and instructions and the equivalent implement any amendments thereto and inform the relevant departments of the same to ensure compliance therewith.
• Collaborate with individuals responsible for implementing activities related to AI ethics to ensure that the requirements of Personal Data Protection and Data Subjects privacy are met.

Governance and Resilience

• Follow all relevant policies procedures and processes for the daily work to be carried out in a controlled and consistent manner.
• Contribute to the identification of opportunities for continuous improvement of processes and practices to enhance effectiveness.
• Uphold a high-performance working environment and promote HSs Values.

Qualifications :

• Bachelors degree in Law or equivalent qualification.
• 3 years working experience in data protection preferably in a regulated entity in Saudi Arabia or the MENA region
• Certified expertise on data protection and AI legislation with solid knowledge of information security practices (IAPP CIPP S-CDPO CISSP or similar industry-standard certifications are a plus)
• Proven track record of implementing compliance requirements and managing privacy projects
• Deep understanding of the interrelations between law and technology (previous experience in the online tech industry is welcomed)
• Experience in investigating potential privacy incidents determining reporting requirements and developing risk-based corrective action plans
• Strong negotiation skills in interactions with supervisory authorities
• Having sufficient knowledge of Personal Data breach risks.
• Having sufficient knowledge of regulatory measures for Personal Data protection and other relevant organizational measures for performing DPO tasks.
• Honesty and integrity and not having been convicted of any offense involving dishonesty or breach of trust.
• Written and spoken fluency in Arabic and English are required      

Remote Work :

No

Employment Type :

Full-time