Tokopedia is an Indonesian technology company with a mission to democratize commerce through technology. Since its founding in 2009, Tokopedia has been a force that pioneers digital transformation in Indonesia. Consistent in building a bridge to connect millions of people, we have now reached more than 99% of districts and empowered over 12 million of merchants across the archipelago. Our vision is to build a Super Ecosystem where anyone can start and discover anything. To achieve that, we are working hand in hand alongside various strategic partners through our marketplace, logistics, payments, and financial technology businesses, while also providing more than 500,000 payment points across Indonesia, and offering more than 40 digital products that simplify the lives of many. Our team has grown rapidly over the years, as we now have more than 6,000 Nakama spread across several regions; Jakarta, Semarang, and Yogyakarta. With Tokopedia’s 3 DNAs instilled as our core values, we constantly innovate to provide the best experience for our millions of users and contribute to advancing a better Indonesia through technology. In 2021, Tokopedia and Gojek have united to become GoTo by combining e-commerce, on-demand, and financial and payment services. With a mission to empower progress, we continuously create a comprehensive ecosystem for daily life. Let’s find your purpose with us, and join our mission! www.tokopedia.com/careers
Requirements:
A minimum of 3 years data protection and privacy experience in a fast-paced, professional environment
Relevant professional qualification (CRISC, CISA or CIPP/E) are desirable amongst others
Prior experience in corporate governance (privacy, security, risk, compliance or audit)
Prior experience in the technology industry - highly regarded
Strong knowledge of GDPR and International data protection requirements
Strong knowledge of data protection methods, practices and regulations.
Strong knowledge of information technology, information and/ or cyber security methods, practices and regulations desirable
Strong influencing, negotiating, planning, organizing and analysis skills
Strong analytical skills, including the ability to assess risk and impact from a privacy and data protection perspective
Excellent communication and people skills
Job Description:
Undertake Data Protection Impact Assessments in consultation with the relevant Engineering Team, as a result Personal Data processing
Carry out data protection monitoring activities and producing improvement plans for the business.
Conduct third party privacy compliance reviews by engaging with relevant teams to monitor and ensure privacy compliance.
Investigate and implement a uniform approach to business-level reporting for Data Protection management information
Maintain the GDPR Compliance database and provide regular management information.
Provide support in the preparation of responses to requests from data subjects to exercise their rights, including but not limited to Data Subject Access Requests.
Drive resolution of Subject Access Requests and other customer requests to the relevant stakeholders. Escalate Personal Data related risk events to the Group Data Protection team in a timely manner as deemed necessary