Data Privacy & Compliance Manager

Yalo

Hi! This is Yalo! We are on a mission to bring conversational commerce to the world...

Remember how it used to be to interact with businesses that knew and understood you, that could recommend exactly what you needed, and that with a simple message could get you what you wanted??? Yep... neither do we. That is why at Yalo we are marrying the scale of digital commerce with the personalization and simplicity of conversations to help companies delight their users.

We know that traditional SAAS companies focus on first-world problems... we don't! Having started in Latin America, our roots are in Emerging Markets and therefore we care about bringing amazing experiences to a population that traditionally has been underserved, such as the small shop owner in Brazil who is ordering online for the first time.

If you're looking for a place to make things happen, learn fast, and impact emerging markets in a way that hasn't been done before, look no further. 💫

Come Join us in our mission of improving billions of lives through the power of conversational commerce!

Job Summary 🧾

As a Data Privacy and Compliance Manager, you will play a critical role in ensuring that Yalo adheres to global data privacy regulations, protects user information, and fosters a culture of compliance. Your focus will include managing data protection policies, aligning the company with evolving legal and regulatory frameworks, and proactively identifying compliance risks in our business processes.

Your mission?

Your mission is to enable Yalo to build trust with its customers and users by implementing robust data privacy and compliance frameworks that protect sensitive information and ensure ethical and lawful business operations. This role is key to safeguarding Yalo’s reputation and aligning operations with global and regional regulatory standards.

What are the responsibilities for this role? 🧠

• Develop, implement, and maintain Yalo's data privacy policies and procedures in compliance with relevant global regulations (e.g., GDPR, LGPD, CCPA).
• Ensure compliance with ISO 27001, SOC 2 Type 2, NIST, and other industry-recognized security frameworks.
• Conduct regular audits to ensure alignment with internal policies and external regulatory requirements.
• Design and deliver privacy and security training programs for employees to promote compliance awareness.
• Manage and monitor data privacy and security risks in collaboration with cross-functional teams.
• Establish and oversee processes to handle data subject requests (e.g., access, deletion, rectification).
• Collaborate with product, engineering, and legal teams to embed privacy and security by design into our systems and workflows.
• Stay updated on emerging data privacy and security laws and frameworks to ensure Yalo’s readiness for compliance.
• Lead incident response efforts for data breaches, including investigation, reporting, and remediation.

Job Requirements?💻

• Bachelor's degree in Law, Information Security, Business Administration, or a related field.
• At least 5 years of experience in data privacy, compliance, or a similar role.
• Deep knowledge of global data privacy regulations (e.g., GDPR, CCPA, LGPD) and compliance frameworks.
• Mandatory experience implementing and managing ISO 27001 standards, SOC 2 Type 2 compliance, and NIST frameworks.
• Familiarity with additional security frameworks such as COBIT, CIS Controls, and PCI DSS.
• Experience conducting data protection impact assessments (DPIAs) and privacy audits.
• Familiarity with privacy and security management tools and technologies.
• Strong understanding of risk management principles and incident response processes.
• Certifications such as CIPP/E, CIPM, CIPT, CISSP, or CISM are a strong plus.

Soft Skills that matter to us🫀

• Strong communication and stakeholder management skills.
• High emotional intelligence to navigate complex situations with diplomacy.
• Exceptional problem-solving abilities and attention to detail.
• Conflict resolution and collaboration skills to work with cross-functional teams.
• Proactive mindset with a focus on continuous improvement and excellence.
• Strong project management and organizational skills to manage complex privacy and compliance programs.

Metrics to measure 📈

• Achieve ISO 27001 certification for Yalo.
• Achieve and maintain additional relevant market compliance certification.
• Compliance rate with internal and external data privacy audits.
• Timeliness and effectiveness of responses to data subject requests.
• Reduction in identified privacy and security risks through proactive mitigation.
• Successful training completion rates across the organization.
• Incident response times and resolution rates for data breaches.

• Unlimited PTO policy
• Competitive rewards on the market range
• Work life - Personal life integration 
• Start-up environment
• International teamwork
• You and nothing else limit your career here

We care,
We keep it simple,
We make it happen,
We strive for excellence.

At Yalo, we are dedicated to creating a workplace that embodies our core values: caring, initiative, excellence, and simplicity. We believe in the power of diversity and inclusivity, where everyone's unique perspectives, experiences, and talents contribute to our collective success. As we embrace and respect our differences, we strive to create something extraordinary for the benefit of all.
We are proud to be an Equal Opportunity Employer, providing equal opportunities to individuals regardless of race, color, religion, national or ethnic origin, gender, sexual orientation, gender identity or expression, age, disability, protected veteran status, or any other legally protected characteristic. Our commitment to fairness and equality is a fundamental pillar of our company.

At Yalo, we uphold a culture of excellence. We constantly challenge ourselves to go above and beyond, delivering remarkable results and driving innovation. We encourage each team member to take initiative and make things happen, empowering them to bring their best ideas forward and contribute to our shared goals.