Data Protection of VWA, under instruction of DPO, can centrally manage and monitor data protection and security compliance in VWA in accordance with relevant laws, regulations and standards (especially those related to vehicle type approval, homologation and OEM), report to authorities, company management and the group about data protection and security breaches and issues.
Key Tasks:
- First contact of data protection topics towards external stakeholders, such as supervisory authorities, group companies, interested parties, etc.
- Localizing and implementing data protection policy in VWA based on applicable legal and regulatory requirements and group data protection policy.
- Establishing an appropriate data protection management system in VWA in order to ensure the compliance with data protection/security related laws and regulations.
- Implementing proper data protection processes and mechanisms, monitoring the effectiveness, and making improvement where needed, such as DPIA, RoPA, DSR, Data Security Incident Handling, etc.
- Establishing an internal reporting process according to statutory provisions to company management and VCIC and support the parent company to fulfill their obligations.
- Carrying out an applicable and documented data protection and data security risk management in accordance with regulatory requirements and company policies.
- Advising business units on data protection/security related issues, in particular, issues related to vehicle type approval, homologation and OEM.
- Preparing for response to requests/inquiries from supervisory authorities (e.g., CAC, MIIT, etc.) and coordinating with internal and external stakeholders where necessary.
- Developing and implement training concept to raise awareness about data protection/security in employees and target groups.
- First contact for data protection related issues (such as data subject’s requests, data breaches, etc.)
Qualification and skills:
• Outstanding / strong degree in automotive, information/cyber/data security, law, business administration or similar university degree
• Several years of professional experience as a data protection and data security expert or in a similar role ideally in the automotive sector
• Excellent understanding of the business and technology
• Management-Level experience and leadership skill
• Certification of EXIN-DPO, CIPP, CISM and further relevant certification is a plus
• Native Chinese is preferred for communication with authority
• Native Chinese speaking, business fluent English language skills (spoken and written); German is a plus.
• Experience of managing and building strong relationships across numerous stakeholders
• Experience in risk and opportunity identification and solution driven.
• Excellent analytical capability and problem-solving skills, identifying facts and information sources