What are the responsibilities and job description for the Data Privacy Specialist position at C2FO?
More than a mission, C2FO is a better financial system changing the way every business gains access to the working capital they need to thrive. At C2FO, everyone is an employee-owner which means we’re all invested in our work and team members. We’re a company of team players and self-starters finding new and innovative ways to get things done. If you’re excited to learn, grow and leave your mark on our fast-growing organization, C2FO may be the place for you.
About C2FO
Headquartered in Kansas City, USA, C2FO has more than 500 employees worldwide, with operations throughout North America, Europe, India, Asia Pacific, and Australia. C2FO is the world’s largest on-demand working capital platform. Our mission is to ensure every business has the capital needed to thrive and we have delivered more than $350 billion in funding to businesses since our founding. How do we do this? By providing fast, flexible, and equitable access to low-cost capital through our easy-to-use platform.
We provide technology with a human touch, giving our customers the direct support they need and ensuring our team members have the tools, resources, and work environment they need to deliver on our promise to customers. With the C2FO platform, businesses worldwide have more working capital to fuel their growth, create jobs and develop new products.
Benefits
At C2FO, we take care of our customers and our people – the vital human capital that helps our customers thrive. That’s why we offer a comprehensive benefits package, flexible work options for work/life balance, volunteer time off, and more. Learn more about our benefits here. (https://www.c2fo.com/amer/us/en-us/about-us/careers
Data Privacy Specialist Role
C2FO is seeking an experienced Data Privacy Specialist to develop and enhance our privacy and data protection framework including sensitive information policies and practices. In this critical role, you will be responsible for revising contracts such as Data Processing Agreements, Master Services Agreements, and Standard Contractual Clauses. Additionally, you will contribute to internal information security and privacy audits, assess existing protocols, and provide strategic recommendations to fortify data protection measures.
The ideal candidate will ensure compliance with global privacy regulations, develop comprehensive privacy policies and procedures, and offer expert guidance on data protection matters. This role requires a profound understanding of privacy laws, risk assessment capabilities, and the ability to collaborate cross-functionally to implement privacy best practices. Exceptional organizational, communication, and project management skills are crucial for elevating and updating the data protection program. Reporting directly to the Head of Privacy, this position requires consistent collaboration with C2FO’s legal, engineering, and business teams to ensure a unified approach to privacy and compliance.
Essential Duties
As an Equal Opportunity Employer, we not only value diversity and equality, but we also empower our team members to bring their authentic selves to work every day. Our goal is to create a workplace that reflects the communities we serve and our global, multicultural clients. We recognize the power of inclusion, emphasizing that each team member was chosen for their unique ability to contribute to the overall success of our mission.
We do not discriminate based on race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by appropriate law. All employment decisions are based on qualifications, merit, and business needs.
About C2FO
Headquartered in Kansas City, USA, C2FO has more than 500 employees worldwide, with operations throughout North America, Europe, India, Asia Pacific, and Australia. C2FO is the world’s largest on-demand working capital platform. Our mission is to ensure every business has the capital needed to thrive and we have delivered more than $350 billion in funding to businesses since our founding. How do we do this? By providing fast, flexible, and equitable access to low-cost capital through our easy-to-use platform.
We provide technology with a human touch, giving our customers the direct support they need and ensuring our team members have the tools, resources, and work environment they need to deliver on our promise to customers. With the C2FO platform, businesses worldwide have more working capital to fuel their growth, create jobs and develop new products.
Benefits
At C2FO, we take care of our customers and our people – the vital human capital that helps our customers thrive. That’s why we offer a comprehensive benefits package, flexible work options for work/life balance, volunteer time off, and more. Learn more about our benefits here. (https://www.c2fo.com/amer/us/en-us/about-us/careers
Data Privacy Specialist Role
C2FO is seeking an experienced Data Privacy Specialist to develop and enhance our privacy and data protection framework including sensitive information policies and practices. In this critical role, you will be responsible for revising contracts such as Data Processing Agreements, Master Services Agreements, and Standard Contractual Clauses. Additionally, you will contribute to internal information security and privacy audits, assess existing protocols, and provide strategic recommendations to fortify data protection measures.
The ideal candidate will ensure compliance with global privacy regulations, develop comprehensive privacy policies and procedures, and offer expert guidance on data protection matters. This role requires a profound understanding of privacy laws, risk assessment capabilities, and the ability to collaborate cross-functionally to implement privacy best practices. Exceptional organizational, communication, and project management skills are crucial for elevating and updating the data protection program. Reporting directly to the Head of Privacy, this position requires consistent collaboration with C2FO’s legal, engineering, and business teams to ensure a unified approach to privacy and compliance.
Essential Duties
- Data Protection Guidance: Serve as the key subject matter expert for staff, regulators, and public bodies on data protection and privacy matters.
- Regulatory Compliance: Ensure compliance with global data protection laws and regulations, including GDPR, CCPA, PIPEDA, PIPL, DPDP, and industry codes of practice, by evaluating existing frameworks and implementing necessary improvements and updates. This includes but not limited to, compliance with all data transfer requirements.
- Contractual Expertise: Support legal and information security teams in reviewing and negotiating Master Service Agreements (MSA), Non-Disclosure Agreements (NDA), Data Protection Agreements (DPA), Data Transfer Agreements, Standard Contractual Clauses (SCC), and responding to data privacy/information security questionnaires.
- Privacy Assessments: Conduct Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) for new and existing processes.
- Hands-On Approach: Maintain a deep understanding of organizational operations to ensure policies and actions align with customer and regulatory expectations.
- Strategic Advisory Role: Monitor and interpret changes in global privacy laws and regulations, assessing their impact on the organization and advising leadership, data controllers or data processors on data protection strategies and initiatives.
- Privacy Requests: Respond to privacy-related inquiries, data subject access requests (DSARs), and incidents, ensuring timely and appropriate resolution.
- Incident Guidance: Support incident response teams in addressing data breaches and privacy-related incidents, including documentation and reporting.
- Cross-Functional Collaboration: Assist internal teams, collaborating and aligning data protection practices with operational requirements and customer expectations.
- Policy Development: Draft, implement, communicate and update internal data protection policies, guidelines, and procedures in response to regulatory changes, collaborating with key stakeholders.
- Project Management: Demonstrate strong project management skills, balancing competing priorities under pressure while managing sensitive and confidential information.
- Project Collaboration: Participate in design discussions to define and integrate data protection requirements throughout the development lifecycle of new and ongoing projects.
- Policy Execution: Translate complex regulatory requirements into actionable policies and communicate them effectively to diverse audiences.
- Interpersonal Excellence: Exhibit exceptional verbal and written communication skills, with the ability to collaborate across teams and deliver, clear, professional and concise information to internal and external stakeholders.
- Training and Awareness: Participate in the development of training plans to educate staff on data protection principles, fostering a culture of compliance across the organization.
- Visionary Direction: Promote a proactive culture of data protection compliance, inspiring teams to prioritize privacy and security at every level.
- Bachelor’s degree in a relevant field, providing a strong academic grounding to support professional expertise.
- 3 years’ professional experience in data protection compliance or a related field, with a strong track record of success.
- CIPP certification(s) required.
- Deep understanding of European data protection laws, particularly GDPR, with the capability and readiness to build expertise in global data protection laws across other jurisdictions.
- Background in legal, audit, and data protection departments, demonstrating versatility and depth of knowledge.
- Strong understanding of data governance, compliance, and risk management principles.
- Familiarity with multiple international laws and regulations, including PIPL, PIPEDA, DPDP, CCPA, and frameworks from jurisdictions such as India, Mexico, Australia, and China.
- Ability to comprehend and apply technical jargon and processes within the context of data protection compliance.
- Experience working with privacy management tools and frameworks.
- Ability to handle multiple projects and priorities in a fast-paced environment, performing effectively under tight deadlines.
- Experience in a multinational or highly regulated industry such as banking.
- Familiarity with emerging privacy technologies and trends.
- Juris Doctor (JD) is considered a plus but not a requirement.
- Strong understanding of global protection laws such as PIPL, PIPEDA, DPDP.
- Comprehension of directives such as NIS2 and DORA.
- Understanding of information security and cybersecurity frameworks such as NIST, NIS2, and PCI DSS.
As an Equal Opportunity Employer, we not only value diversity and equality, but we also empower our team members to bring their authentic selves to work every day. Our goal is to create a workplace that reflects the communities we serve and our global, multicultural clients. We recognize the power of inclusion, emphasizing that each team member was chosen for their unique ability to contribute to the overall success of our mission.
We do not discriminate based on race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by appropriate law. All employment decisions are based on qualifications, merit, and business needs.
