EMEA Privacy Manager

EMEA Privacy Manager

Łódź, Poland

The Privacy Manager (EMEA) establishes, implements, and audits programs and procedures to enable processing personal information across McCormick’s EMEA operations in a manner that sustains the trust of our consumers, employees, and business partners and complies with applicable laws and regulations. This position is responsible for providing operational guidance and advancing desired organizational privacy behaviors as a member of McCormick’s global Data Protection & Privacy Team. Serves as a pro-active business partner working with cross-functional stakeholders across geographies and levels to provide practical guidance and solutions.

MAIN RESPONSIBILITIES

• Privacy Strategy: Directs and provides strategy for the design and oversight of McCormick’s privacy program across EMEA operations, including policies, procedures, and systems to support privacy compliance activities. Influences strategy and priorities for McCormick’s global privacy program. Develops, promotes, and effectively manages strategic relationships and interfaces with stakeholders at multiple levels and across functions, including HR, Legal and Marketing.

• Privacy Compliance & Controls: Monitors privacy laws and regulations (new or changes) and develops remediation plans, as necessary, in partnership with McCormick’s Legal Department. Develops and monitors a regional compliance plan and controls framework. Supports internal or external privacy audits, as necessary, and conducts annual testing of key privacy processes. Leverages information technology systems to enhance compliance procedures.

• Privacy Operations: Evaluates privacy incidents and supports investigations and reporting in accordance with internal policies and applicable laws. Collaborates with IT and Information Security teams where necessary to modify or implement process controls, methods, and best practices to remediate any identified gaps. Manages responses to privacy inquiries from consumers, employees, and business partners. Maintains personal information inventories and data maps. Develops and refreshes privacy notices to inform individuals about relevant personal information processing activities.

• Privacy Risk Management: Identifies privacy risks, including third-party due diligence, and assesses such risks based upon relevant methodologies and risk factors. Develops remediation plans and supports various stakeholders to mitigate risks. Assesses privacy terms in third party contracts and proposes redlines, as necessary.

• Privacy Culture: Communicates privacy policies, procedures and programs and acts as a lead internal resource for privacy matters across EMEA entities. Provides guidance to project teams and process owners. Raises awareness and trains employees to promote desired privacy behaviors by developing clear and effective privacy training programs and communications.

CANDIDATE PROFILE

• 5+ years’ experience as a data privacy professional including experience conducting privacy impact assessments, audits, compliance monitoring or assessing privacy incidents/breaches, preferably in a multinational organization.

• Fluent English language skills.

• In-depth knowledge of current and emerging global privacy laws and regulations, such as the EU General Data Protection Regulation (“GDPR”) and national implementation legislation.

• Thorough understanding of Information Technology (IT) and Security (IS) related environments.

• Ability to identify, assess, review, and prioritize current or future privacy risks associated with personal information processed by McCormick.

• General knowledge of NIST, ISO and other common privacy frameworks, and experience in implementing them within an enterprise.

• Understands the value of privacy among different stakeholder groups (e.g. consumers and employees) beyond compliance with laws and regulations.

• Proactively assesses new data protection laws and regulations and other market factors (including technology trends) to influence functional privacy planning.

• Excellent written and verbal communications skills including ability to discuss technical information with non-technical stakeholders across multiple countries and cultures.

• Proven leadership and project management skills with a problem-solving mindset.

• Detail oriented with strong organizational skills and ability to handle confidential information with discretion.

• Works well with employees across levels, functions, and geographies.

• Challenges the status quo, champions change and influences others to demonstrate desired organizational privacy behaviors 

#LI-DNI

Agencies: McCormick as needed will work with external recruitment vendors through our Agency Portal. Unless previously contacted, McCormick does not accept unsolicited resumes from external recruiting agencies.

McCormick & Company is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, colour, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.

As users of the disability confident scheme, we guarantee to interview all disabled applicants who meet the minimum criteria for the vacancy/ies.