Data Privacy Officer

**Location: Brisbane Australia**

**Role Purpose**:
The Corporate Compliance - Data Privacy Officer will play a key role in managing Corporate Compliance with respect to Data Privacy within the local Australian Allianz Partners Company as well as supporting Allianz Assistance Thailand, under the direction of the Chief Risk and Compliance Officer. The role will also assist both businesses to continuously meet its compliance and data privacy obligations in relation to the relevant aspects of applicable regulations (particularly the Australian Privacy Act and Thailand Personal Data Protection Act) and internal policies, under the supervision of the Australia Chief Risk and Compliance Officer (CRCO). To do so, the incumbent will undertake duties associated with reviewing and analysing Allianz’s organisational structures, methods, systems and procedures as they relate to all aspects of data privacy.

**Key Responsibilities**:
**Data Privacy**:

- Ensure Privacy & Data Protection-related compliance processes are appropriately implemented, maintained and adhered to in accordance with Allianz standards, including the Allianz Privacy Standard and complementary functional rules, as well as with Allianz Partners Data Privacy Functional Rules and Processes, and data privacy & protection laws and regulations, and provide assurance to Regional / Global DPOs in this regard;
- Play a leading role in supporting the Australia business to comply with all aspects in relation to the Australian Privacy Act regulatory reform agenda which will be a significant regulatory change program for the whole of the Australian business;
- Advise and train Employees at local level on their obligations and rights under the Allianz Privacy Standard and Allianz Partners Privacy & Data Protection Framework;
- Be involved in any project requiring the Processing of Personal Data and advise on the Privacy & Data Protection aspects of such projects;
- Meet periodically with local management for both Australia and Thailand to report on the status of data privacy & protection compliance at local levels;
- Be responsible for the performance of PIAs for local Australian and Thai projects using the approved Allianz Group Standard PIA & Process Register Tool, and
- complete the assessment according to local requirements and specifications, asking for the advice of the relevant Regional / Group DPO where appropriate;
- Co-operate with Regional / Group DPOs, other Local DPO/DPPs or other Allianz Group OEs, to handle a request or complaint from an Individual or an investigation or inquiry by any DPA;
- Have due regard, in the performance of their responsibilities, to the risk associated with Processing, considering the nature, scope, context and purpose(s) of the Processing;
- Define with the local Privacy & Data Protection contact points appropriate controls to ensure the implementation of any Privacy & Data Protection related regulatory requirements, as well as those set up by Allianz Group (e.g. Allianz Privacy Standard and its complementary Functional Rules) and Allianz Partners Data Privacy and Data Protection Framework
- Perform second line control spot checks at local level to assess compliance with Privacy & Data Protection requirements;
- Liaise with local Legal business functions to assess any judgment or decision taken by a non-EEA court, tribunal, or administrative authority, requiring the transfer or disclosure of EEA Data to ensure such transfer or disclosure is done in compliance with applicable EEA laws and regulations, and report to the Regional / Group DPO on such matter;
- Liaise with local Legal business function to periodically review the Requirements for BCRs Transfers against applicable laws and regulations that may prevent the BU from fulfilling its obligations under the APS and Allianz BCRs; and to the extent permitted, promptly inform the Regional DPO of the same;
- Regularly review the local Records of Processing Activities, by requesting the Information/Business owners the update of the information recorded or the confirmation of the inexistence of changes.

**Experience**
- A Bachelor level qualification or at minimum 5 years of relevant work experience in lieu; minimum of 3 years of Compliance experience in medium to large enterprises in other cases.
- Demonstrated experience in Data Privacy Officer role
- Demonstrated experience in the preparation of reports, procedures, strategy and related documents
- Demonstrated experience in data analysis and preparation of reports and/or commentary on findings
- Experience in project management desirable

**Problem Solving & Decision Making Skills**
- Able to make decisions swiftly and put decisions into practical use
- Interrogate a problem and develop processes that engage and educate staff
- The drive and ability to take on increased responsibilities over a period of time
- Ability to quickly adapt key data privacy principles to other regulatory jurisdictions

**Professional Approac