Data Protection Correspondent Support

March 20, 2024

Data Protection Correspondent Support


  • Standard / Permanent
  • PT-11-Lisbon
  • RISK
Apply for this job

 About us

 “Arval was founded in 1989 and is part of the BNP Paribas Group. For 30 years now, we have been offering our clients and drivers the best solutions to meet the challenges of today and the future. Each day, over 7,500 employees in 30 countries dedicate themselves to making our clients’ trips and journeys as seamless and sustainable as possible, regardless of their field – from multinationals to self-employed and private individuals, whatever mobility solution they need and whatever stage of their lives they are at. We also keep a close eye on social developments in terms of mobility: new technologies, fleet electrification, stricter regulations, the role of cars in towns and cities, evolution from ownership to use, the emergence of the circular economy, the need for environmental protection, etc.”

We are looking even more at the world of tomorrow and are committed to the future. It is not the final destination that counts, but the journey. And your time at Arval will undoubtedly be one of the most beautiful journeys you make. Working at Arval means evolving all the time. It is about making the most of your talents and developing on a personal and professional level. Already know what you wish to achieve? We shall be pleased to help.


Data Protection Correspondent Support – 2024 (M/F) Miraflores


 Under the supervision of Arval Deputy DPO and in close cooperation of the Arval DPO Team, the Arval DPC Support will be responsible to provide to Arval entities firstly Arval UK the Data Protection LOD2 key missions


Theirs mains tasks and responsibilities are notably to:

  • Define or review general policies and high-level guidelines on personal data protection
  • Participate in the relevant main Data Protection committees at different levels.
  • Supervise the overall personal data protection framework on the following topics
    • Review and advise on implementation of Privacy by design principles
    • Provide upon request advice on and challenge Data Protection Impact Assessment
    • Assessment of potential personal data breaches (PDB) and oversight of the PDB reporting process including submitting the notification to the DPA and any follow up actions;
    • Review and challenge inventory of PDPAs in the Records of Processing activities (“ROPA”) and risk assessments where engaged by the coordinators;
  • Define and perform the Data Protection second level controls
  • Consulted by other teams whose operations impact personal data or entities’ privacy risk profile, such as outsourcing, IT risk management, among others.

 Your day-to-day activities

  • Provide general Data Protection advice and guidance to the 1st Line of Defense, when required;
  • Independently assess personal data breach reports, challenging and assisting the 1st line of defense where required; and review (Check and Challenge the corresponding DP HUB reporting and ensure proper and timely closure)
  • Perform Data Protection LOD2 Control Plan (verification, re-performance and direct controls)
  • Review and provide opinion on the 1st line of defense: annual risk assessments (RCSA); Privacy Assessment Questionnaire and Data Protection Privacy Impact Assessment (DPIA)
  • Supervise the LOD2 Data Protection compliance Follow-up for Arval entities;
  • Check and Challenge the ROPA process
  • Prepare and Participate in committees on / in relation to personal data protection for Arval entities

Your profile

  •  Experience level: At least 1 year;
  • Education level: Master Degree or equivalent experience (> 4 years);
  • Business fields: Law & Regulation, Specialized skills, Risks Management

 Business skills:
                – Internal Audit Knowledge (Beginner)
                – Data protection (Proficient)
                – Risk Management (Beginner)
                – Legal Knowledge (Proficient)
                – IT Risk and Cyber Security (Beginner)

Transversal skills:
                – Ability to manage a project (Beginner)
                – Ability to manage/facilitate a meeting, seminar, committee, training… (Beginner)
                – Ability to identify and successfully manage key stakeholders (Beginner)
                – Ability to communicate technical subjects in a simple way (Proficient)
                – Ability to develop and leverage networks (Beginner)

Behavioral skills:
                – Ability to collaborate/Teamwork (Proficient)
                – Proactivity (Proficient)
                – Organizational Skills (Beginner)

                – Analysis and synthesis skills (Proficient)
                – Attention to Detail/Rigor (Proficient)

                – English (Fluent)

Our offer

  • You will evolve in a stimulating international environment and join a dynamic and human-sized team, (to be completed depending on the hierarchical and functional link).
  • You will work in close cooperation and on a daily basis with the local Data Protection LoD1 team and the Legal department both at corporate level and local level.
  •  You can evolve within the Data Protection Community as Territory DPO dedicated to a country or a region. You also can evolve within the Legal, Data, Risk and IT functions.

The Mission is important, but so is the team and the workplace!

Get aboard !

Interested? Do you think you match this description, as well as having the necessary skills? Do you have lots of energy and good mood? So you’re who we’re looking for… Apply today!

 If you are not contacted within 3 weeks, your application has not been selected.

Offers you may be interested in