GENERAL SUMMARY
MSC is looking for an experienced Legal Counsel specialized in Data Protection to help it meeting its obligations under the General Data Protection Regulation (GDPR), the Greek Data Protection Law 2472/1997 amended and other applicable data protection laws. Within MSC’s Corporate Legal Data Protection Team, the Legal Counsel will provide guidelines to business and operational functions to ensure those meet the applicable legal requirements. He/she will be notably responsible for trainings, data protection impact assessments, contract reviewing and internal audits.
ESSENTIAL DUTIES AND RESPONSIBILITIESIn this role, you will work closely with the Legal/Compliance, Information Technology and Information Security functions to develop and monitor policies and standards applicable to the business and in compliance with the GDPR and data protection laws. Duties will include:
- Draft and implement policies, procedures, guidelines, measures and other privacy governance frameworks to manage data use, including developing templates for data collection, assisting with data mapping, and vendor management reviews.
- Working with key internal stakeholders in the review of projects and related data to ensure compliance with data protection laws, and where necessary, complete and advise on privacy impact assessments.
- Serving as the primary point of contact for queries in the business.
- Serving as the primary point of contact for data subject access requests (DSAR).
- Liaise with Data Protection Authorities on all data protection related matters.
- Reviewing vendor contracts and ensuring filing requirements with local regulators are achieved.
- Conducting ongoing reviews of MSC data protection governance framework, including setting standards and reviewing policies and procedures globally that meet the legal requirements.
- Monitoring changes to local data protection laws and making recommendations to local entities when appropriate.
- Developing and delivering data protection training to various business functions.
- Support the DPO in undertaking audit, review and evaluation of MSC’s measures to comply with legislations’ and the MSC group policies’ requirements.
- Collaborating with the Information Security function(s) to raise employee awareness of data protection and security issues and providing training on the subject matter.
- Collaborating with the Information Security function(s) to maintain records of all data assets and exports, and maintaining a data security incident management plan to ensure timely remediation of incidents including DPIA, security breach response, complaints, claims or notifications, and responding to DSAR.