Lenovo is seeking a Privacy Manager for its Europe region, reporting to the Senior Director, Global Privacy.
The successful candidate will manage and drive privacy and data governance policies, processes, training and strategies within Lenovo’s Europe (EMEA) region and across its three primary business groups – Personal Computing & Smart Devices, Data Center Group and Mobile Business Group. The position will collaborate with internal and outside counsel (especially within the EMEA region), technology experts, marketing and sales leads, product developers and members of Lenovo’s global Privacy Working Group, as well as with Lenovo’s customers and suppliers as needed.
The successful candidate will have at least five years of direct experience in managing technology companies’ activities to meet the requirements of European privacy and data protection laws, and an in-depth understanding of the requirements under Europe’s new General Data Protection Regulation (GDPR). The role will also need to demonstrate an ability to thrive in a large, global company while coordinating the efforts of a large cross-functional group of internal stakeholders. Strong communication and presentation skills will be necessary to explain complex matters to business partners in a manner that is readily understandable in order to ensure well-informed business decisions.
- Educating the Lenovo group of companies and its employees on important privacy and related data protection compliance requirements, with a particular emphasis on European requirements, notably GDPR.
- Training applicable staff involved in data processing in compliance with applicable laws, company policies and industry standards.
- Creating and maintaining governance and accountability records to maintain group companies’ compliance to privacy obligations, in particular European requirements.
- Maintaining comprehensive records of data processing activities conducted by the company, including the purpose of all processing activities, which must be made public on request.
- Conducting privacy audits and assessments to ensure compliance and address potential issues proactively.
- Monitoring performance and providing advice on the impact of data protection efforts.
- Serving within the Global Privacy Program and working closely with the Lenovo EMEA Legal and government affairs team, the global Privacy Working Group, the Lenovo Information
- Security Team, the Lenovo Product Security Teams, and other important Lenovo privacy and data protection partners.
- Serving as a point of contact between the company and government/supervisory authorities, as needed.
- As needed, interfacing with data subjects to inform them about how their data is being used, their rights to have their personal data erased, and what measures the company has put in place to protect their personal information.
- Managing potential and actual privacy incidents.
- 5+ years of direct experience in managing technology companies’ activities to meet the requirements of European privacy and data protection laws, and an in-depth understanding of the requirements of GDPR.
- J.D./ Law Programs Degree (Preferred)
- Certified EU General Data Protection Regulation Practitioner qualification accredited to ISO 17024; or the BCS Data Protection Practitioner qualification; or Certified Information Privacy Professional – Europe (CIPP- Europe) (Preferred).