Q8 - Menu
Service stations - Jobs
AMAZING JOBS
Kuwait Petroleum benefits from the skills and commitment of exceptional people. We need the best talents to build on our success story.

In return, you will enjoy a supportive environment which offers outstanding opportunities for professional and personal growth, a work-life balance approach and a chance to help us drive the oil business with innovative solutions.

To strengthen the position of our Q8 headquarters, we need YOU and YOUR IDEAS!
SEARCH A JOB
Country
Department

Clear Search
SPONTANEOUS APPLICATION
Legal & Data Protection Officer

Legal & Data Protection Officer

PURPOSE

 

To provide Data Protection and Privacy related advice to all KPNWE (Kuwait Petroleum North West Europe) business units, consisting of mainly the Benelux, holding the DPO role and also to provide effective legal and compliance support to the legal department of KPNWE and its mission in furtherance of the strategy and business interests of KPNWE.

Given the fact that the DPO is appointed for the KPNWE entities , he/she needs to be easily accessible from each establishment. During the exercise of this function, the DPO will work and act independent, without getting instructions from the company.

 

PRINCIPAL ACCOUNTABILITIES

 

At the request of the KPNWE legal department, the Legal & Data Protection Officer, with external support when required, conducts the following activities directed towards the related end results:

 

Data Protection activities:

  • To perform the role of DPO at KPNWE, comprising the duties of information & advice, the duty to monitor compliance and the duty of cooperation with Data Protection Authorities in KPNWE jurisdictions;
  • The DPO will perform, at a minimum, the following tasks (required by GDPR);
  • Inform and advise the Company, and employees of the Company who carry out processing, of their obligations pursuant to the Regulation and any other obligations required by Union or Member State data protection provisions;
  • Monitor compliance with the Regulation, with other Union or Member State data protection provisions, and the policies of the Company in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of Company staff involved in processing operations, and related audits;
  • Provide advice where requested regarding any data protection impact assessments and monitor its performance pursuant to Article 35 of the Regulation;
  • Cooperate with the relevant supervisory authority or authorities;
  • Act as the contact point for the supervisory authority or authorities on issues relating to processing, including the prior consultation referred to in Article 36 of the Regulation, and to consult, where appropriate, with regard to any other matter;
  • Respond to the requests of data subjects pertaining to the processing of their personal data and the exercise of their rights under the Regulation.
  • In matters of data protection, the DPO shall represent the Company before any external parties, and shall handle all relevant inquiries and contacts from the relevant supervisory authority or authorities;
  • To keep businesses informed about developments in data protection law at Benelux, other KPNWE jurisdictions where possible and also European Union level;
  • To advise management on data protection strategies and framework policy;
  • To foster a culture of data protection in the organization by implementing principles of data processing, data subjects rights, protection by design and default, records of processing, security and communication of potential data breaches;
  • To ensure the creation and maintenance of the Data Processing Register (“DPR”, register of processing activities , art. 30 GDPR). This register must mention the contact details of the DPO. The DPO will be the owner of the files, ensuring a yearly update of the DPR. The DPO must be involved in the DPO process (review the content and the quality of information provided, ensure common understanding, answer questions…)
  • To work proactively with fellow management team members to enhance organizational and operational process and effectiveness, working on projects and initiatives as required and to inform, advise and issue recommendation;
  • To train and inform staff and management, to draft policies and ensure data protection compliance is embedded in other corporate procedures and policies;
  • Indicate whether or not to carry out a DPIA. If a DPIA is needed, to decide on the methodology, the outsourcing of those if required. Give advice on any safeguards to apply to mitigate the data privacy risks and verify whether or not the DPIA has been correctly carried out and whether its conclusions are in compliance with the GDPR (with evidences).To respond to all notifications and official requirements from Data Protection authorities, and to notify them and register as single point of contact for all data protection activities in KPNWE entities;
  • To monitor possible data breaches and implement “lessons learnt”;
  • To keep written & electronic documentation re processing operations within KPNWE and make this available to authorities if so required;
  • To draft and review data protection clauses for contracts, processing agreements, and legal review of all data protection related aspects in legal documentation, contracts and M&A projects;
  • To conduct and participate to any GDPR audits.
  • To participate and provide guidance for the IT Security activities in terms of procedures, policies, and management and reporting of incidents;
  • To monitor and direct the GDPR activities as described above, the DPO should:

    - Provide a ‘GDPR Quarterly Reporting’ to Legal supervisor

    - Provide a ‘GDPR Yearly Reporting’ for the Legal supervisor

 

Legal and compliance activities:

 

  • To review and/or draft contracts and other legal documents and related correspondence;
  • To coordinate and assist in the handling of legal proceedings and/or claims, by and against the company, including instructing outside counsels;
  • Responsible for maintaining sound practical procedures in order to meet legal requirements and safeguard the legal position of said companies;
  • Keep the management of the companies informed of new developments in legislation on jurisprudence whenever relevant;
  • To conduct know-how research on a specific legal topic;
  • Legal counseling of the business in consultation with KPNWE Senior legal counsels;
  • Corporate housekeeping (Board meetings, shareholder meetings, etc )
  • To participate in compliance commitees and teams regarding including Antitrust, Anticorruption, Data Protection, and including delivery of internal workshops;
  • To follow up on sanctions regimes;
  • To be involved in new business such as mobility projects as well as sustainability items and projects relating to the well being of employees

 

 

NECESSARY EXPERIENCE

  • Knowledge of Q8 Business at KPNWE;
  • International experience and orientation;
  • Familiarised with Information systems and IT;
  • Basic knowledge of audit process.

 

Education

  • Degree of Law
  • Expert knowledge of Data Protection Law in Benelux and the EU

 

Other

  • Languages: Dutch, French and English, spoken and written;
  • Conceptual and analytical problem solver;
  • Quality & service minded;
  • Team player, open minded, good communicator;
  • Results oriented;
  • Demonstrate continuous improvement and the ability to sum up complex information in an understandable way.
Q8 - Oils Q8 - Aviation Q8 - Tango Q8 - International Diesel Service
Have a look at our vacancies for Q8 retailers © Kuwait Petroleum International Ltd - 2006-11
Powered by CVWarehouse