At Holt Renfrew our mission is to present exceptional experiences together with the finest luxury products for life’s every day and extraordinary moments. Every Holt Renfrew employee enables this mission and defines the luxury lifestyle shopping experience through building lasting relationships with our people, customers and partners.
We are seeking a Manager, Privacy (12 Month Contract) who will support the CPO in developing and leading Holt Renfrew’s privacy, anti-spam and data protection program with the goal of ensuring compliance with all applicable legislation.
The Manager, Privacy will be responsible for assisting the CPO guide the company on implementing Privacy by Design, record processing activities, managing collection/use and disclosure of profiles, mitigating risk associated with the use of sensitive personal information, implementation of information and cyber security, and investigation, notification and communication of data breaches.
The ideal candidate will possess exceptional judgment and business acumen, will have in depth knowledge of Canadian (both provincial and federal) data protection, anti-spam and privacy laws and practices; experience with leading and managing data protection programs; an understanding of systems, data and processes; familiarity with privacy and security risk assessments and effective management of customer-related data.
Build upon and manage the company’s existing privacy, anti-spam and data protection risk management and compliance framework.
Continue to develop and support the current data governance and anti-spam strategy including updating and implementing standards, policies, procedures, training and guiding principles to ensure compliance.
Monitor changes in Canadian privacy, anti-spam and data protection laws and regulations to drive company adaptation and compliance, including all required provincial specifics.
Serves as a subject matter expert on all privacy and data protection laws and regulations nationally.
Conduct Privacy Impact Assessments and Vendor Risk Assessments to identify risks related to certain business practices, projects, initiatives and develop solutions and risk mitigation strategies.
Act as a subject matter expert on key projects where data protection and privacy must be considered and/or managed.
Manage and help support the business with the Data Mapping process.
Develop and facilitate privacy, anti-spam and data protection communications and training that increases awareness and decreases risk.
Collaborate with the Information Technology department to ensure system integration of and alignment with cyber security, privacy and data protection practices.
Oversee internal audit activities and shares reporting with appropriate stakeholders.
Audit key data protection and privacy measures for the company’s third party vendors.
In coordination with the CPO, liaise with all regulatory authorities related to privacy and data protection.