Our highly respected client in the space of iGaming is looking for a Data Protection Officer to play a crucial role in ensuring their compliance with data protection laws and regulations. You will be responsible for ensuring that all personal data processed by the company is conducted in accordance with GDPR (and other data protection laws where the Company may have a presence).

Key Responsibilities

Compliance Oversight:

  • Ensure compliance with GDPR and other relevant data protection regulations.
  • Monitor changes in laws and regulations and update data protection practices accordingly.
  • Conduct regular assessments and audits to ensure data protection policies are being followed.
  • Review Data Protection requirements for new market entry.
  • Ensure Data Protection risks are captured and maintained on the company risk registers and ensure suitable Data Protection Impact Assessments are created and controls are implemented.
  • Prepare senior management team and Executive updates on data protection relevant data protection matters and regulatory changes.
  • Manage the Data Protection Team’s preparation of group wide personal data mapping.
  • Review and advise on Data Processing Agreements, Data Sharing Agreements, in coordination with Legal and Information Security teams.

Policy Development and Implementation:

  • Develop, implement, and maintain comprehensive data protection policies and procedures.
  • Provide guidance on data protection impact assessments and monitor their performance.
  • Collaborate with IT department to ensure alignment of data security measures with data protection regulations.

Training and Awareness:

  • Develop and deliver training sessions to staff on data protection laws, regulations, and company policies.
  • Raise awareness and provide updates on data protection matters within the organization.

Data Subject Rights:

  • Serve as the first point of contact for individuals whose data the company processes (data subjects).
  • Manage and respond to requests from data subjects (e.g., access requests, deletion requests).
  • Periodically review and where update (as needed) all customer facing privacy notices and internal policy documents to meet the highest standards.
  • Conduct Data Protection Impact Assessments, in collaboration with the relevant internal stakeholders.

Incident Management and Reporting:

  • Lead the response to any data protection incidents, including data breaches.
  • Notify and liaise with regulatory authorities and data subjects as required.
  • Manage privacy team capacity to ensure regulatory deadlines are always adhered to.

Stakeholder Engagement:

  • Work closely with various internal stakeholders, including legal, compliance, and IT teams.
  • Liaise with external parties, such as regulatory bodies and data protection authorities.
  • Liaise directly with regulator as required from time to time.
  • Prepare the business for any regulatory changes or updates in advance of them becoming a legal requirement.

Person Specification, Skills, Experience and Qualifications

  • Ideally hold a bachelor’s degree in law, Information Technology, Cybersecurity, or related field.
  • Professional certification in data protection or privacy (e.g., CIPP/E, CIPM, CIPT) is highly desirable.
  • Previous experience in data protection, legal compliance, or a related field.
  • Experience in the online gambling industry is a significant advantage.
  • Familiarity with distributed information systems, IT processes and data security.
  • Excellent organisational and project management skills.
  • Effective communication skills, both written and verbal.
  • Ability to handle confidential information with discretion.
  • Expertise in managing workload and tasks using tools like Notion, Asana, or the Atlassian suite.
  • Work onsite from their Gibraltar office.
Please follow and like us:
close slider
  • +44 (0)203 004 9596

  • This field is for validation purposes and should be left unchanged.