Key Purpose

• The Privacy Associate will: assist the Global Privacy Manager in all aspects of the data privacy lifecycle; maintain and review all data privacy related documents; create and draft presentations, letters, outlines, papers and other documents; oversee the organization of documents and data in electronic databases; perform research; support data privacy compliance efforts; and be involved in other projects as may arise from time to time.  Possibly opportunity to travel to the U

Areas of responsibility may include but not limited to

• Assisting the Global Privacy Manager to drive the maturing of data privacy governance framework to manage data use in compliance with relevant national legislation, certifications, and industry standards whether in the US, South Africa, EU or other jurisdictions.
• Responsible for coordinating and conducting data privacy impact assessments and data privacy audits.
• Responsible for reviewing of Data Processing Agreements and related agreements, in relation to service providers and clients.
• Responsible for conducting reviews of any service providers that will process personal data.
• Providing support in relation to any external audits or certifications.
• Responsible for supporting the completion of the privacy and related sections of RFPs.
• Assist with developing and delivering privacy and AI training.
• Responsible for updates to privacy notices and consents.
• Assisting the Global Privacy Manager with ensuring that Vitality’s systems and procedures comply with all relevant data privacy and protection law, regulation, and policy (including in relation to the retention and destruction of data).
• Assisting with data protection queries received from across the business.
• Performing responsible, specialized and confidential assignments and research on privacy and AI topics.
• Work closely with internal clients.
• Managing Privacy software.

Personal Attributes and Skills

Behavioral Skills

• Values Driven
• Optimistic
• Learns on the Fly
• Resilient
• Instils Trust
• People Savvy
• Drives Results
• Problem Solver
• Communicates effectively

Education and Experience

Required:

• Bachelor or Laws
• Hold at least one Data Protection and/or Privacy certification such as: CIPP/E; CIPP/M; CIPT

Experience:

• Minimum of 3 years’ experience within an internal compliance, legal, audit and/or risk function, with recent experience in data privacy and security compliance
• Exposure to the NIST Privacy Framework and/or ISO27001 would be advantageous.
• Experience with the GDPR/ HIPAA/ CCPA.
• Prior experience with OneTrust and ServiceNow would be advantageous.

Knowledge:

• Strong knowledge of data privacy and data protection regulation, and a good understanding of other major privacy frameworks and evolving legislation worldwide
• Working knowledge of information technology and data management systems
• Experience of working in a large, global organization
• Knowledge of PC applications, including MS Office
• Excellent writing and presentation skills