Group Data Protection Officer

Kindred operates in a highly regulated and increasingly complex market where trust and reputation will play key roles in achieving sustainable growth.  #LI-Hybrid #JM2


The Role

The mission of the Group Data Protection Officer (DPO) is to support the business in meeting its data protection and privacy obligations and advising the business in running its operations in line with all applicable legislation by developing close ‘trusted business partner' relationships with the relevant internal stakeholders, helping them to achieve their goals, while safeguarding the company's reputation and trust-based relationships with customers, regulators and society stakeholders. The DPO will also have an escalating role to the Group Deputy General Counsel as guardian of the corporation's continuous compliance, integrity and reputation 


As an advisor, counsellor and business partner: 

  • The DPO and their direct report(s) will work closely with its key business stakeholders in all markets, either directly or via local representatives or privacy champions, providing all-round and hands-on support on all data protection and privacy matters, thereby positioning Kindred as a trustworthy partner who puts compliance first throughout its operations. The Group Data Protection Officer will:
  • Translate legal challenges into comprehensible and executable actions points, processes and policies that protect the business and allow for sustainable business growth opportunities (LeCoR Value Chain); 
  • Oversee the Group's data & privacy governance strategy and raise continuous internal awareness; 
  • Proactively identify, action and mitigate any risks for the business; and  
  • Seek, enable and support Group alignment synergies.


As corporate guardian: 

  • The DPO has a vital role in identifying, devising and then implementing measures to protect the Group against all data protection and privacy risks. As Group Data Protection Officer, the function has a positive mandate and authority to take any action needed to pro-actively avoid legal and compliance breaches in the data protection and privacy area and ensure operational continuity in a regulated business (no license/no business).  


Requirements to fulfil the role & key responsibilities 

  • Have a deep and broad understanding of the global data protection and privacy legal framework as well as Kindred's business activities in the broader geopolitical environment, which they can pass on to their direct reports.  
  • Overall responsible for overseeing and providing any type of legal support required within the data protection and privacy space.  
  • Communicate effectively with the Deputy Group General Counsel, seeking appropriate guidance if and when required.
  • Keep oversight of the key data protection and privacy developments, challenges and processes and modify group policies accordingly. 
  • Support and take the necessary steps to safeguard the prioritization, planning and execution of key strategical milestones in the data protection risk management strategy.
  • Develop and manage the Group policies on data protection and data controlling as well as on-site privacy notices and terms and conditions. 
  • Ensure the Group's data protection and privacy governance on a BAU basis and monitor accountability obligations (documentation and reporting obligations, impact assessment, process standardization, breach notification logs and records of processing activities, ) 
  • Drive the internal operational and governance fora as well as the appointed privacy champions to ensure a top-down & bottom-up compliant organisation.  
  • Raise awareness and provides advice & training to internal stakeholders about their obligations in relation to data protection and handling relevant data (customers, employees, etc.) as well as day-to-day operations.
  • Act as the point of contact to and cooperates with national, European and international supervisory authorities for any queries or reporting in relation to the Group's data controlling activities
  • Supports the line organisation in responding to individual queries regarding data handling and the exercise of data subject rights
  • Reviews, drafts and negotiates the required data protection and privacy agreements and clauses to protect Kindred in this field.
  • Manages the data protection legal counsel. 
  • Invest in their continuous training and remain informed about all relevant legal developments, competitors and other major legal factors that affect business opportunities and risk and discuss these with their direct reports.
  • Ensure that resources and means for data protection compliance are aligned with the agreed LeCoR objectives, value chain and LeCoR Mission statement
  • Perform other duties and tasks as assigned from time to time by management and as required by the needs of the business.
  • Support and take the necessary steps to safeguard the prioritization, planning and execution of key strategical milestones in the legal risk management strategy.
  • Champion across the Group and across different stakeholder fora Sustainability as a positive business value enabler/builder and a basic hygiene factor in a regulated complex industry.  
  • Act as business partner with close proximity to the line organization, champion and raise positive awareness about a “compliance and sustainability  priority” approach to ensure Kindred Group proactively designs and runs its operations in a regulated industry on the basis of the mandatory legal requirements and standards to create a safe user experience and a reputable business, thereby generating sustainable recurring net revenue.  
  • Build, develop (team and FTE) and manage their direct reports to cater for both group and local needs in support of a future-proof data protection strategy that clearly stands out in the industry as a competitive differentiator and supports Kindred in becoming and remain the No 1 operator in all markets
  • Lead, manage, empower and inspire their direct reports with a strong focus on strategy, delivery, operational excellence, GreatPlace2Work (GP2W), team performance, standing regular team meetings, compliance mindset, sustainability, LeCo customer value chain, etc.
  • Secure team buy-in and contribution to strategy and empower the team to excel by developing team strength and personal development of team individuals
  • Support the implementation of an operational efficiency strategy for Legal (enterprise IT and process management solutions).
  • Experience with International Organization for Standardization (ISO) standards, the Payment Card Industry Data Security Standard (PCI DSS), and similar privacy and security compliance frameworks.
  • Oversee data protection audits and reviews.
  • Actively support and enhance group wide data governance strategy.


Core skills and competences

  • Qualified subject-matter expert supporting the Group in ensuring continuous compliance with the General Data Protection Regulation, national and international data protection and privacy regulations 
  • Demonstrated experience in simultaneously successfully handling different responsibilities, in a high-pressure environment and against strict deadlines, and building on synergies between various teams and stakeholders
  • Strong analytical and decisive skills, with the ability to prioritize and communicate key objectives to achieve organizational goals while maintaining accuracy and quality
  • A hands-on, versatile and well-organised “Doer” who has proven to always go the extra mile, is a genuine team player and breathes the Kindred values, able to represent Kindred's best interests in various internal and external fora
  • Strong interpersonal and people skills, team player by nature and able to make fast and complex decisions and ensure buy-in from other business stakeholders based on a mutually respectable relation
  • Confident and assertive with exceptional communication skills and ability to drive teams and encourage people to excel.
  • Understanding of industry trends, both sector specific as digital in general, and ability to proactively translate them into the Kindred reality
  • Experience in dealing with dynamic multi-dimensional legal issues in a regulated industry  
  • Deep understanding, implementation and contribution to the LeCo Value Chain collaborative model
  • Ability to foster open and pro-active relationships with direct functional stakeholders 
  • Demonstrated being an inspirational leader to high performance teams empowering direct reports to achieve continued success as strategic business partner. 
  • Demonstrated experience in successfully managing their direct reports from a multi-disciplinary point of view and against strict deadlines, and building on synergies between the various teams
  • Management experience, both in terms of people management (soft skills) and technical delivery (high-profile litigation, business acumen, regulatory understanding, budgeting, etc.). Previous experience with managing teams in a fast changing, international ecosystem. Relevant experience: qualification as Data Protection Officer; +5 year experience in a privacy role and additional experience in a legal role, either post qualification or in a reputable company; previous experience in a digital industry is highly desirable
  • Professional qualification as lawyer or similar professional qualification. 


Application process

Click on the "Apply Now" button and complete the short web form. Please add a covering letter in English to let us know your motivation for applying and your salary expectation. Our Talent Acquisition team will be in touch soon.


Kindred is an equal opportunities employer committed to employing a diverse workforce and an inclusive culture. As such we oppose all forms of discrimination in the workplace. We create equal opportunities for all our applicants and will treat people equally regardless of and not limited to, gender, age, disability, race, sexual orientation. We are committed not only to our legal obligations but also to the positive promotion that equal opportunities bring to our operations as set out in our sustainability framework. Kindred has an ESG rating of AAA by MCSI.


Job alerts

Not suited to this role but interested in working at Kindred Group?

We are always on the lookout for talented, passionate people to join our global teams so if you'd like us to let you know when suitable jobs come up, please click on “Register for Alerts”.


Close map
The Centre Pjazza Tigné, Tigné Point, Tigne Point, Sliema, Malta, TPO 0001
  • Office:
    Malta, Stockholm
  • Type of Employment:
    Full Time Permanent
  • Reference Number:
Share this page
Share with linkedin
Share with facebook
Share with twitter
Share with email

Job Alerts

If this job is not for you but you are interested in jobs similar to this, then click the button below to be the first to know about them.