Privacy Counsel, APAC

Job Title: Privacy Counsel, APAC

About Dentsu

Led by Dentsu Group Inc. (Tokyo: 4324; ISIN: JP3551520004), a pure holding company established on January 1, 2020, the Dentsu Group encompasses two operational networks: dentsu japan network, which oversees Dentsu’s agency operations in Japan, and dentsu international, its international business headquarters in London, which oversees Dentsu’s agency operations outside of Japan.

With a strong presence in approximately 145 countries and regions across five continents and with 65,000 dedicated professionals, the Dentsu Group provides a comprehensive range of client-centric integrated communications, media and digital services through its five leadership brands—Carat, dentsu X, iProspect, Dentsu Creative, and Merkle—as well as through Dentsu Japan Network companies, including Dentsu Inc., the world’s largest single brand agency with a history of innovation. The Group is also active in the production and marketing of sports and entertainment content on a global scale.

www.dentsu.com

Purpose of the role

This role is to ensure dentsu’s data protection compliance within dentsu meeting its obligations under data protection and privacy law. The role is an indvidiual contributor and will work closely with local legal peers. This role acts as the subject matter expert for data protection and privacy matters across the region reporting directly to the General Counsel, APAC.

Key responsibilities and accountabilities

• Partner with leaders and Legal peers to be their first point of contact to provide legal and strategic data protection and privacy advice. Seeking solutions that help minimise risk and resolve issues whilst also maximising opportunities for our business to deliver on its goals and protect dentsu’s commercial interests.
• Be at the forefront of advising on new and existing products from a data protection standpoint, as well as advising on ways to minimise risks both for dentsu and our clients when taking these products to market.
• Act as an subject matter expect for APAC legal team on complex data protection and privacy matters across the region.
• Collaborate effectively with teams across dentsu, including the global data protection office, Information Security Technology, and local legal teams, to help implement and improve the regional data protection legal and compliance program.
• Monitor and respond to developments in data protection and information security, including new laws, regulations, key judgements, regulatory guidance etc.
• Advocate the ‘value add’ of privacy advice and support across the company, including through: conducting training, and more general awareness-raising exercises.
• Advise and support on the negotiation of data protection issues within commercial contracts.
• Lead the roll out of global and regional data protection processes, policies, and other initiatives in APAC, in close coordination with the Global DPO team.
• Be accountable and assume responsibility for compliance by APAC with data protection processes (such as One Trust, the Record of Processing Activities (ROPA), data protection by design, data protection supplier assurance, data breach management, data subject rights requests etc.), data protection policies (such as the Data Protection & Privacy Policy, Commercial Policy etc.), internal requirements (such as dentsu data principles, data retention periods etc.) and data protection laws.
• Perform data protection impact assessments and carry out reviews under the data protection supplier assurance and data protection by design review processes.
• Maintain oversight of the ROPA, personal data flows, thresholds, and how personal data is managed across APAC to ensure that APAC is at all times, compliant with data protection laws.
• Review any data breach assessment, reporting and notifications for APAC.
• Establish the Data Protection Officer (DPO) framework for APAC and maintain oversight of and overall responsibility for DPO appointments and registrations within APAC.
• Monitor APAC data protection developments and provide alerts to internal stakeholders, as appropriate.
• Provide continual guidance to internal stakeholders in APAC on data protection issues.

Expected Educational Qualifications

• A common law qualified lawyer, with at least 7 years’ post-qualification experience.

Skills and Knowledge

• Deep experience and knowledge of applicable laws and best practices, and with significant experience in developing and implementing a data protection compliance program across the region.
• Has strong commercial and business acumen that allows the individual to efficiently and expeditiously compare the relevant legal risks to the scope of commercial strategy and corporate objectives
• Ability to show leadership and confidentialy communicate and manage senior stakeholders.
• Ability to work effectively under pressure and to manage sensitive and confidential information.
• Strong business acumen and extensive experience dealing with and influencing senior stakeholders.
• Good team player with collaborative style of working.
• Lead, coordinate, motivate and develop remote or on the ground very diverse resources, part of a matrix reporting environment.
• Desire to learn more about the wider media and advertising industry