Job Description:
Summary
The Privacy Officer is responsible for overseeing all activities related to the development, implementation, and maintenance of the organization's privacy program in accordance with applicable data protection laws and internal policies. This role ensures the company's compliance with privacy regulations (such as GDPR, CCPA, HIPAA, or others) and fosters a culture of accountability and transparency regarding personal data use. The Privacy Officer serves as the subject matter expert on data protection issues and is a key liaison between Legal, Compliance, IT, Information Security, HR, Marketing, and other departments to ensure privacy is integrated into all operations.
Duties and Responsibilities
Develop, implement, and maintain the company's privacy governance framework, including policies, procedures, and controls.
Conduct regular reviews and updates of the privacy program to reflect changes in laws, regulations, and best practices.
Monitor and interpret relevant global, national, and local privacy laws (e.g. GDPR, CCPA, HIPAA, etc.) and advise the business accordingly.
Oversee the data breach response process, including investigation, documentation, mitigation, notification, and remediation.
Collaborate with Legal, IT, and Information Security to manage and report data breaches in compliance with applicable laws.
Ensure company practices align with regulatory requirements and industry standards for data protection.
Develop and deliver training programs for employees on privacy practices, policies, and legal obligations.
Promote privacy awareness across the organization to embed a privacy-by-design culture.
Lead Privacy Impact Assessments (PIAs) for new or updated products, systems, or processes.
Conduct Data Protection Impact Assessments (DPIAs) and present a summary of identified risks along with proposed mitigating measures to the Data Protection Officer (DPO).
Escalate relevant issues to the Risk and Compliance Manager and the General Counsel in accordance with escalation protocols.
Advise staff on privacy-related matters and provide training to increase internal knowledge in this area.
Act as the primary point of contact for regulatory authorities (e.g. Data Protection Authorities) and manage regulatory filings and reporting as required.
Monitor the Privacy mailbox.
Review clients' contracts from a data privacy perspective.
Ensure data processing agreements/addendums (DPAs) and standard contractual clauses (SCCs) are in place where appropriate.
Act as the primary point of contact with our appointed Data Protection Officer (DPO).
Oversee and manage requests from data subjects (e.g. access, deletion, correction, restriction, and portability).
Ensure timely and compliant responses to data subject access requests (DSARs) and inquiries.
Assist in performing GDPR/Data Privacy risk assessments and monitoring with other compliance and control functions; results are shared with Leadership on a quarterly steering call, as well as with line-of-business leadership.
Serve as a primary point of contact for internal and external audit functions, ensuring timely follow-up on audit findings and exception remediation.
Provide guidance to executives, staff, and employees on data privacy aspects.
Participate in a multifaceted educational awareness and training program that focuses on the elements of the compliance program policies and procedures.
Ensure compliance with information security and privacy policies, procedures, and workflows that refer to privacy or security breach incidents.
Work closely with departments such as Legal, IT, Information Security, HR, Sales, and other departments to embed privacy requirements into day-to-day operations and strategic initiatives.
Advise product and technology teams on privacy-by-design and data minimization strategies.
Evaluate third-party vendors for privacy compliance, contract negotiation, and ongoing oversight.
Participate in the remediation exercises as required.
Participate in strategic projects at the organizational level as required.
Required Qualifications
Bachelor's degree in Law, Business, IT, or a related field.
Advanced degree (Master of Laws (LLM), Master of Science (MSc) in Data Privacy, Data Protection, etc.) is a plus.
Minimum of 3-5 years' experience in privacy or data protection roles (total professional experience: 5-10 years; relevant privacy/data protection experience: minimum of 3-5 years within the total experience, specifically in roles focused on privacy or data protection).
Proven experience in implementing and managing data privacy programs.
Familiarity with regulatory regimes such as General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA), Health Insurance Portability and Accountability Act (HIPAA), and others relevant to the business.
Strong knowledge of global privacy laws and frameworks.
Preferred Qualifications
One or more of the following preferred: Certified Information Privacy Professional (CIPP/E, CIPP/US, CIPP/A, etc.), Certified Information Privacy Manager (CIPM), Certified Information Systems Security Professional (CISSP).
Excellent communication and interpersonal skills; ability to explain complex legal and technical terms in simple language.
Analytical and problem-solving skills with a proactive mindset. Project management and organizational skills.
High ethical standards and attention to detail.
Ability to work independently and collaboratively in a fast-paced environment.
Minimum salary: 16667 PLN gross/month
Additional components of our benefits package
Comprehensive private medical healthcare
Remote work options subject to the type of position or project
The option to join a group private insurance plan (subject to a fee)
MyBenefit Cafeteria including Multisport
Annual discretionary bonus subject to both company performance and individual contribution
About AML RightSource
AML RightSource is the leading expert solutions provider of managed services and advisory dedicated exclusively to financial crime compliance. As financial crime continues to evolve, we help organizations stay ahead through expert-led services and deep industry knowledge.
Specializing in anti-money laundering, financial crime prevention, and third-party compliance, we deliver tailored solutions that enhance operational efficiency and reduce business risk. With a global presence and a team of more than 7000 specialized, trained professionals, AML RightSource partners closely with clients to transform their compliance programs into strategic advantages.
Our focused expertise and partnership-driven approach ensure adaptable, scalable solutions that meet today's complex regulatory demands. We empower organizations to strengthen compliance, protect their businesses, and confidently navigate an ever-changing financial crime landscape.
AML RightSource is committed to fostering a diverse work environment and is proud to be an equal opportunity employer. We provide equal employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
All the information concerning breaches of law during the recruitment process should be reported at Upon request you will be provided with Internal procedure for reporting and following up on breaches of law adopted by the Company based on the Whistleblower Protection Act.
Recruitment Scam Alerts
We're aware of an increase in recruitment scams where individuals falsely claim to represent AML RightSource. These scammers may ask for money or personal information by offering fake job opportunities through e-mail, text message, or social media. Please verify the source of any job-related communications carefully. All official AML RightSource communications are conducted through @ email addresses. If you encounter suspicious messages, do not respond.