Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Senior Counsel, Privacy and Data Protection
Overview
Mastercard is committed to balancing innovation while protecting individual privacy and has embraced privacy and data protection as core to the successful execution of its business strategy. As part of that commitment, Mastercard has established a world-class privacy program and is currently adding talent to its global team.
Want more jobs like this?
Get jobs in Nivelles, Belgium delivered to your inbox every week.
The Counsel - Privacy & Data Protection will support both the strategy and the daily operations of the Privacy and Data Protection Team. The position will report to Senior Counsel - Privacy & and Data Protection, will be a member of the Privacy and Data Protection team as well as a member of the Law & Franchise Integrity (LFI) team and will support the Europe Data Protection Officer's Office ("DPO Office").
Role
The Counsel - Privacy & Data Protection will support the Privacy and Data Protection team and specifically the DPO Office to ensure privacy compliance is built into Mastercard data-driven products. The position requires the ability to understand new and complex data-related and privacy & data protection law as well as new technologies, and to develop creative solutions to ensure compliance with all privacy and data protection laws globally, including the General Data Protection Regulation ("GDPR"). The Counsel will have responsibility for driving privacy tools and technology development, including implementation of new privacy requirements in compliance with global data-related and privacy & data protection laws. The position requires an excellent understanding of individuals' data privacy rights and expectations, whilst having a process-driven attitude and ease to communicate with stakeholders globally both internally and externally.
Activities include:
• Ensure that Mastercard complies with all global, regional and local privacy and data related laws - including the GDPR, California Consumer Privacy Act ("CCPA") and Brazil General Data Protection Act ("LGPD"), as well as Mastercard's Binding Corporate Rules ("BCRs") and APEC Cross-Border Privacy Rules ("CBPR").
• Help manage the day-to-day operations of the Global Privacy Program and DPO Office, and ensure individuals' and regulators' privacy expectations are met and Mastercard privacy policies and standards are complied with;
• Organize and handle engagements with data subjects, regulators, customers, clients, partners and suppliers to explain Mastercard's approach to data privacy and ensure compliance with global privacy and data protection laws partnering with internal and external stakeholders.
• Advise on and identify legal, business and technical infrastructure requirements and controls to enable privacy compliance including as part of the development of privacy tools; work with legal, business, technical teams as well as coordinate with external counsel to ensure implementation, timely compliance and usability.
• Manage the response to individuals' privacy requests globally in partnership with members of the privacy team globally, identify new and/or increased individuals' rights under local data protection laws and ensure implementation globally.
• Provide guidance and thought leadership on the use of emerging/advanced technologies in a privacy-compliant manner including the use of privacy tools and automation.
• Coordinate and enable compliance monitoring activities, including reporting and analytics pertaining to data-related and privacy and data protection laws
• Engage with the organization to assist in training employees on privacy and data protection requirements, including GBSC employees, handle employee privacy-related queries and raise employee awareness about privacy and data protection developments.
All About You
• European Law degree required; specialization in privacy
• Membership to a Bar (if permitted by law)
• Additional qualifications e.g. Master of Laws degree, IT certifications, CIPM, CIPP/US, CIPP/E, considered as an asset
• Experience, and track record dealing with international privacy laws including the GDPR, CCPA, LGPD and other regulatory frameworks
• Expertise in handling data subjects' requests
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
- Abide by Mastercard's security policies and practices;
- Ensure the confidentiality and integrity of the information being accessed;
- Report any suspected information security violation or breach, and
- Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.