Global Head of Data Protection & Privacy DQS Germany Bad Vilbel
r24 Holding GmbH
Bad Vilbel, Germany
12 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
SeniorJob location
Bad Vilbel, Germany
Tech stack
Computer Security
Data Mapping
Data Processing
Job description
- Develop, maintain, and continuously enhance the company's global data protection and privacy strategy.
- Establish global privacy governance structures, including policies, standards, and procedures.
- Function as the organization's primary subject matter expert for global privacy and data protection laws.
- Regulatory Compliance
- Ensure compliance with major privacy regulations (GDPR, CCPA/CPRA, UK DPA, LGPD, PDPA, etc.).
- Oversee data mapping, Record of Processing Activities (RoPA), and Data Protection Impact Assessments (DPIA).
- Monitor global regulatory developments and assess implications for the organization.
- Data Protection Officer (DPO) Responsibilities
- Serve as the appointed DPO under GDPR, including acting as point of contact for supervisory authorities.
- Advise on privacy obligations and monitor compliance with relevant data protection laws.
- Privacy Operations & Risk Management
- Lead global privacy risk assessments and implement mitigation plans.
- Oversee third-party risk management for vendors and partners handling personal data.
- Ensure proper incident response processes for privacy-related breaches in coordination with IT Security.
- Training & Awareness
- Develop and roll out global privacy training programs for employees and managers.
- Promote a data protection culture across the company.
- Business Partnering
- Advise the departments in the organization on privacy-by-design requirements.
- Review and negotiate data protection clauses and Data Processing Agreements with partners and vendors.
- Audits & Reporting
- Lead internal audits and coordinate external audits related to privacy and data protection.
- Provide regular reporting to the Executive Committee and Board-level audit or compliance committees.
Requirements
- Master's degree in Law, Compliance, Information Security, or related field preferred.
- Certifications such as CIPP/E, CIPM, CIPT, or ISO 27701 Lead Implementer are a strong asset.
Professional Experience
- 7-10 years of experience in data protection, privacy, compliance, or related fields.
- Proven experience in global or multi-regional privacy program management.
Skills & Competencies
- Deep understanding of global data protection laws (GDPR, CCPA/CPRA, LGPD, etc.).
- Strong technical and information security understanding
- Strong stakeholder management skills.
- Excellent analytical and problem-solving capabilities.
- Ability to manage cross-functional projects and influence senior leaders.
- Strong communication skills; able to simplify complex privacy topics for non-experts.
- High ethical standards and resilience in navigating regulatory complexity.
Success Factors
- Ability to build and maintain a robust global privacy governance framework.
- Proactive partnership with business functions to enable innovation while ensuring compliance.
- Strong risk management mindset with business-enabling orientation.
- Trusted advisor to senior leadership and confident regulator interface.
About the company
rent24 bietet flexible Coworking- und Coliving-Lösungen für Freiberufler, Startups, Gründer, Unternehmen und Firmen gleichermaßen. Mit den aktuellen Coworking-Standorten in Berlin, Bremen, Dortmund, Hamburg und Amsterdam bietet rent24 eine Vielzahl offener und geschlossener Büroräume, kreativ eingerichtete Tagungs- und Konferenzräume, einen Activity Room mit Tischtennisplatte, Tischfußball und Nintendo Wii sowie mehrere Loungebereiche und ein privates Kino.