Data Protection Manager

As the Group Data Protection Manager, you will spearhead operational initiatives, such as risk assessments, data breach handling, record-keeping, and provide training to enhance awareness. We are seeking an enthusiastic and proactive privacy professional with a good understanding of the GDPR and experience in implementing privacy principles to contribute to establishing a robust privacy network. Reporting directly to the Group Data Protection Officer (DPO), you will collaborate to align all data protection activities across company groups, ensuring a comprehensive approach. Based in one of our offices in Amsterdam, Barcelona, or London, you will closely collaborate with cross-functional teams in our multi-jurisdictional operations, playing a pivotal role in constructing a unified privacy framework essential for maintaining the company's integrity.

• Risk Assessment : Conduct risk assessments, including PIAs, DPIAs and TIAs, for data processing activities to identify and address privacy risks and vulnerabilities.
• Training and Awareness : Provide training programs to employees on data protection policies, procedures, and best practices to promote a privacy-conscious culture.
• Data Subject Rights Management : Respond to data subject rights requests, ensuring timely and compliant resolutions. Monitor the DPO mailbox to address any incoming requests.
• Incident Handling : Collaborate with the appropriate teams to investigate data breaches or privacy incidents and implement response action plans.
• Vendor and Third‑Party Assessment : Assess vendors' and third parties' data protection practices for compliance with contractual obligations, and effectively manage Data Processing Agreements.
• Record Keeping : Maintain and regularly review records of processing activities (RoPA's) to ensure completeness and accuracy.
• Implementation Support : Assist the Group DPO in implementing data privacy strategies, policies, and processes to ensure compliance with relevant laws.
• Data Inventory Management : Maintain an inventory of processed personal data, ensuring accurate data mapping within the organization.
• Specialist Advisory : Offer guidance and recommendations on diverse data protection topics to both the business and customers.
• Legal Monitoring : Actively monitor changes in privacy laws and regulations affecting the company across Europe.

• 3 years' experience within Data Protection / privacy related roles preferably in a multi‑jurisdictional organisation.
• Proficient knowledge of GDPR and data protection best practices.
• Competent using technology.
• Team player while able to work autonomously.
• Strong organizational and communication skills.
• Fluency in English.

• Bachelor's Degree in a related field.
• Experience with DPIAs, ROPAs, DPA's and data breach response.
• Certification in data protection such as CIPP / E.
• Experience with a data privacy software such as OneTrust.
• Knowledge of privacy regulations in one of the following jurisdictions: Germany, the UK, Spain, or France.

At Albelli-Photobox Group, we understand the importance of work‑life balance. You'll find opportunities to make the most of our generous annual leave policy, remote working policy, and a versatile hybrid working model. We provide a comprehensive benefits package to all Albelli-Photobox employees, and you'll discover a warm and inclusive company culture that includes social events throughout the year and a team rich in diversity.