Back to Job Search

Data Privacy Advisor, Bangkok, Thailand

  • Sector: 信息技术
  • Contact: Q - Prarinya
  • Client: Monroe Consulting Group
  • Location: 泰国
  • Salary: Negotiable
  • Expiry Date: 22 December 2025
  • Job Ref: BBBH488433_1758603119
  • Contact Email: p.prarinya@monroeconsulting.co.th

Data Privacy Advisor : About the job
This is an exciting opportunity to play an important role improving data privacy management. The DPA (Data Privacy Advisor) is responsible to support the overall administration and execution of the global privacy and compliance program in the countries assigned.

Responsibilities will include:
The DPA is responsible and accountable for the following activities for the Privacy Office as well as other security & compliance activities (non-exhaustive list) :

Privacy Notice/Consent Form Communication and Reporting- Ensure all new hires receive
privacy notice/consent upon hire and all employees receive updated notices and consents as
needed, working with local HR and recruiting teams.

  • Monitor and Track communication/disclosure of appropriate notices (when required) to ensure they are received by all employees
  • Monitor and tracking of distribution and receipt of consent (when required)
  • Evaluate and coordinate with the Privacy Office on the communication of any privacy notice and/or consent

Ongoing monitoring of all personal data processing activities and escalating new or changes to existing personal data processing activity to the Privacy Office.

Data Mapping Questionnaire (DMQ) Completion & Ongoing Updates & Quality Review

  • Ensure completion and accuracy of DMQ's for Controller & Processor DMQ's.
  • Ensure new or changes to existing personal data processing activities are appropriately documented and/or updated (controller and processor)
  • Ensure new local clients or changes to existing local client processing activities are appropriately documented and/or updated
  • In coordination with local/regional IT, review IT DMQ's to ensure accuracy, completeness, and are regularly updated
  • In coordination with the appropriate account manager, ensure that data processing activities associated with global clients are documented in the DMQ Processor and changes to existing global client processing activities are appropriately documented and updated in the DMQ Processor
  • In coordination with local/regional Functions, ensure that new personal data processing activities are appropriately documented in the DMQ Controller and are regularly updated with any changes to existing activities.

Client Contracts

  • In coordination with Account Managers, ensure existing clients have appropriate data privacy agreements, and client contracts have been updated with data privacy amendments as needed
  • In coordination with Business Development or Account Managers, as appropriate, ensure liaison with the Legal Department so that contracts with new clients include the appropriate data privacy provisions.
  • In coordination with the BID team, assess the data privacy requirements in the tender documentation.
  • Report to the Privacy Office as requested on the status of client contract data privacy provision negotiations.

Vendor Due Diligence Review

  • Ensure the Privacy Due Diligence process is conducted on all existing, as well as new vendors for the country or subsidiary - working with both local and global procurement
  • In accordance with the process established by the Privacy Office, review and approve completed Vendor Due Diligence Questionnaires, or escalate as needed to appropriate the SVP of Privacy and Regional Privacy Officer,
  • In coordination with local Procurement, ensure that the Privacy Due Diligence process is completed prior to any new vendor contract execution
  • Conduct privacy risk assessments on new projects assigned, completion of questionnaire and request for appropriate approvals (TPSC)

Audits, Monitoring

  • Provide specific reporting metrics as required on a regular, consistent basis.
  • Onsite and/or off-site privacy and compliance audits and monitoring on subsidiaries in the region assigned
  • BCR/GDPR/ISO 27701/ISO 37001/ISO 37301 audits

Data privacy compliance

  • ensure adherence to applicable privacy and compliance laws, regulations, group policies, external certification defined by TLS Group, and ethical standards,
  • Raise awareness on data privacy compliance,
  • Make the necessary notifications to local data protection authorities, supervises the controls of the same authorities
  • Management of Data Subject requests from employees and from applicants.


Qualifications

  • Bachelor/Master degree in an appropriate area such as Data Protection Law.
  • Working knowledge of Data Privacy Regulations in Asian countries (Thailand, Philippines, Cambodia, Indonesia…), and GDPR, with a CIPP certification from the IAPP or the ability to gain CIPP Certification within the first 6 months in the position.
  • Min 5 years + experience in implementing data privacy as data privacy officer in an international company.
  • Strong influence skills are a necessity for this position as you will be working with multiple functions across multiple regions to ensure compliance.
  • Proficient in Microsoft Office including a good working knowledge of PowerPoint and Excel. Use of Onetrust tool.
  • English speaker is required. Other languages are appreciated.