Compliance Assurance Expert (6 months contract)

MISSIONS & MAIN ACTIVITIES

1. Compliance
- Regulatory watch of the legislation within the perimeter
- Guarantee compliance with the applicable local regulations under surveillance
- Implement and maintain the different processes assigned to compliance: Ethics, Anti-bribery, Sanctions, Conflicts of interest, Criminal laws.
- Review and follow up on compliance risks (evaluate the impact on the operational risks model of the entity)
- Raise awareness among all employees of the risks associated with non-compliance
- Report and escalate any relevant change in regulations that could generate additional risks or needs inside the AXA Services perimeter

2. Data Privacy policies and governance
- Develop and adapt AXA Services policies on data privacy in accordance with local security laws.
- Develop and create appropriate privacy and confidentiality consent forms, authorization forms, and information notices and materials reflecting current organization and legal practices and requirements.
- Adopt and implement detailed requirements or guidelines to ensure compliant handling of specific matters as deemed necessary, such as:
  o IT Project Management when personal data is involved
  o Third party management: risk assessment and contract management
  o Sensitive Personal Data: Greater emphasis on whether and how to process this type of data
- Design complaints procedure. Detailed guidance as to how employees and non-employee

3. Data Privacy management and governance
- Training and providing legal consultative advice to all the areas and departments of the entity in question with regard to Data Privacy matters
- Supporting and controlling a general data protection register (both as Data Controller and Processor) containing all data processing in use and current information about purpose.
- Support the different projects by providing Data Privacy assessment and sign-off when satisfied on compliance with local applicable law
- Collaborate with the teams in charge to respond to requests for access to and correction of personal information and general issues concerning personal information (i.e. rights of access, rectification, cancellation and similar requests).
- Support on drafting internal or external data privacy agreements
- Reviewing and monitoring business activities and vendor contracting and negotiation
- Attendance at Data Privacy, Security or similar Committee
- Coordination and management of responses to incidents involving Personal Data (e.g. unauthorized access or disclosure)
- Permanent Control: Ensuring on a regular basis that data processing applications and processes are still compliant.

4. Control of Data Privacy Regulations
- Monitors both local and other relevant Data Privacy related regulations impacting the ATS (GDPR + local regulations).
- Creates an environment that promotes compliance with Data Privacy related regulations.

5