Data Protection Specialist

Make Your Mark as a Data Protection Specialist at Storio group

About the role

As the Data Protection Specialist, you will be a key operational support in ensuring the Group's compliance with data protection laws. Your primary focus will be on preparing, coordinating, and maintaining crucial documentation, such as records of processing activities (RoPA), risk assessments, Data Subject Rights (DSR) Coordination and incident handling. You will also play a vital role in supporting the Group Data Protection Officer (DPO) in breach handling, awareness efforts, and policy implementation. We are seeking an enthusiastic, detail-oriented, and proactive privacy professional with a solid foundational understanding of the GDPR to contribute to establishing a robust privacy network.

Reporting directly to the Group Data Protection Officer (DPO), you will collaborate closely to ensure all data protection activities are well-documented and consistently applied across company groups.

How you embrace curiosity daily

• Prepare initial drafts and coordinate inputs for risk assessments, including Privacy Impact Assessments (PIAs), Data Protection Impact Assessments (DPIAs), and Transfer Impact Assessments (TIAs).
• Assist in documenting and tracking identified privacy risks and mitigation actions.
• Maintain, update, and ensure the accuracy of the Records of Processing Activities (RoPA), working closely with business units to gather necessary information.
• Support the DPO in drafting internal data protection guidelines, procedures, and policy documentation.
• Monitor the DPO mailbox and coordinate the intake and preliminary resolution steps for Data Subject Rights requests, ensuring compliance with established procedures and timelines.
• Support the DPO and collaborating teams by preparing necessary documentation during the investigation of data breaches or privacy incidents.
• Assist in tracking and documenting the implementation of response action plans.

How you make your mark

• Enabling Strategic Compliance: By maintaining the Records of Processing Activities (RoPA) and preparing DPIAs/TIAs, you directly enable the Group DPO to focus on strategic risk management and business alignment, ensuring a complete and defensible compliance posture.
• Risk Mitigation through Documentation: Your contribution ensures that data processing activities are correctly mapped and documented, providing the audit trail necessary to identify, track, and mitigate privacy risks effectively across all operating jurisdictions.
• Operational Readiness: You ensure the team is operationally ready to respond to regulatory and data subject demands by maintaining organized records and coordinating the timely handling of Data Subject Rights (DSRs) and incident documentation.
• Promoting Awareness: Through the preparation and coordination of training materials, you are instrumental in fostering a strong privacy-conscious culture across the organization, which is essential for proactive risk reduction.
• Supporting Group Integrity: Your diligent support allows the Group DPO to efficiently oversee multi-jurisdictional compliance, safeguarding the company's integrity and reputation by reducing the likelihood of regulatory fines or successful litigation.

What you bring to the team

• 1-3 years’ experience within Data Protection or privacy-related roles, preferably in a multi-jurisdictional organisation.
• Foundational knowledge of GDPR principles and data protection best practices.
• Exceptional organizational and documentation skills with a keen eye for detail.
• Competent using technology for documentation and workflow (e.g., MS Office Suite,Google Workspace and othercollaboration tools).
• Proactive team player who can also manage and prioritize tasks autonomously.
• Strong verbal and written communication skills; fluency in English is required.

What sets you apart

• Bachelor's Degree in a related field (Law, IT, or Business Administration).
• Practical experience in maintaining RoPAs or assisting with DPIA documentation.
• Certification in data protection, such as CIPP/E (or working towards it).
• Familiarity with a data privacy software (e.g., OneTrust).
• Knowledge of privacy regulations in one of the following jurisdictions: Germany, the UK, Spain, or France.

About us

At Storio Group, we help people hold onto life's moments. We make personalised photo products that turn fleeting memories into things you can keep, share, and re-live.

Every person at Storio Group helps create our products and shape our company. You will see the impact of your work daily. We invite you to make your mark on our business, products, and customers' lives.

We act with heart by putting people first and valuing diverse perspectives. We give our best and aim for high standards in all we do. We own our work, taking initiative to find solutions. We embrace curiosity, always learning and trying new things. We find the joy in our work and create a positive environment.

Equal Opportunities & Right to Work

Storio Group is an equal opportunity employer, celebrating diversity and fostering an inclusive environment. If you require reasonable adjustments during interviews please contact our HR team.

Applicants must also have the legal right to work in the position's country without requiring sponsorship.

#J-18808-Ljbffr