Lloyd’s is the world’s leading insurance andreinsurance marketplace. We share the collective intelligence and risk sharing expertise of the market’s brightest minds, working together for a braver world.
Our role is to inspire courage, so tomorrow’s progress isn’t limited by today’s risks.
Our shared values: we are brave; we are stronger together; we do the right thing; guide what we do and how we act. If you share our values and our passion to build a future that’s more sustainable, resilient and inclusive, you’ll find a home at Lloyd’s – build a braver future with us.
The role of Data Protection Manager sits in the Italian branch of the Company and reports hierarchically to the Manager – Legal & Compliance locally and functionally to the C&L manager in the head office, which is part of the Commercial department in the first line of defence. The role holder will be part of the Data Protection Center of Excellence (DPCE). The DPCE will coordinate all Data Protection activities that belong to the 1st Line of Defence of Lloyd’s Europe. The role holder is responsible for enabling the company and European offices to process personal data in compliance with applicable data protection laws and the company’s framework, policy and procedures, through the provision of advice and by managing the systems, controls and processes required under GDPR. The role holder has a specific focus on the Italy office in the first instance and secondarily the focus is on the company as a whole.
- Support the Italy office with the implementation of the GDPR Gap Assessment.
- Provide support to the Italy office on the activities mentioned below and secondarily support the head office with the below activities as and when requested
- Support the DPO in the implementation of the Data Protection Policy and the Data Protection Framework.
- Promote a data protection culture within the company by providing advice and support on privacy issues to business teams and the European offices.
- Maintain all the company’s systems, controls, processes, tools and documentation that enable all the company's data processing activities to comply with GDPR and national data protection legislation in the European countries in which it operates. Eg, Records of Processing database, procedure documents.
- Handle and respond to all data subject requests and maintain appropriate records of them.
- Undertake all Data Protection Impact Assessments (DPIAs) and record all of them in a central location.
- Draft and review privacy notices and other non-contractual documents related to privacy.
- Identify staff training needs, preparation and delivery of training and communication material.
- Review and advise on privacy provisions in commercial contracts, including in relation to international transfers.
- Handle and respond to ad hoc enquiries on data protection from business teams, the European offices and outsourced providers.
- Obtain legal advice on points of law where necessary.
- Keep abreast of regulatory and technological developments in data protection.
- Work with the company’s Compliance, Regulatory, Risk Management, IT and Information Security functions as and when necessary.
- Ability to take part in other data-related matters, including the implementation of the Data Quality Management framework.
Legal & Regulatory:
Assist the Manager – Legal & Compliance in Italy and /or the team of the General Counsel with assistance in the legal domain locally and the wider responsibilities of the C&L team in the head office for the Company as a whole.
- Ability to apply data protection regulatory requirements to an operational environment
- Understanding of the data processing operations carried out by, and on behalf of, the company
- Understanding of information technologies and data security
- Pragmatic approach to problem solving
- Ability to promote a data protection culture within the organisation
- Provide strategic frameworks, leadership and enforcement in best practice information governance for privacy needs
- Communicate effectively with senior stakeholders
- Build relationships with and influence senior stakeholders
- Understand and work across a matrix management structure and achieve results
- Build and maintain effective working relationships
- Operate strategically as well as focus on the detail
- Work in a structured way and under minimum supervision
- Conceptual Thinking – Acquiring understanding of the underlying issues in complex problems or situations by correctly relating these to simpler or better understood concepts, models or previous experiences
- Cross-Functional and Inter-Disciplinary Awareness – Understanding the needs, objectives and constraints of those in other disciplines and functions
- Flexibility – Taking account of new information or changed circumstances and modifying understanding of a problem or situation accordingly
- Information Acquisition – Identifying gaps in the available information required to understand a problem or situation and devising means of remedying such gaps
- Organisational Awareness – Understanding the hierarchy and culture of own, customer and supplier organisations and being able to identify the decision makers and influencers
- The ability to present and communicate with senior stakeholders at ExCo level.
- Commercial insurance industry, terminology and strategic drivers is an asset
- In-depth understanding of the GDPR, data protection laws, regulation
- Operational aspects of data protection; including privacy practices such as Data Protection Impact Assessments, handling data subject requests, vendor contracts and breach management
- Languages: Fluency in written and spoken Italian and English is essential.
- Experience of working in a DPO role or a data protection function in Italy and/or EU.
- Experience of working within the insurance/reinsurance industry is an asset but not essential.
- Demonstrable track record of working with Information Governance frameworks.
- One trust tool experience is an asset
Ideal start date: 11th January 2024
Diversity and inclusion are a focus for us – Lloyd’s aim is to build a diverse, inclusive environment that reflects the global markets we work in. One where everyone is treated with dignity and respect to achieve their full potential. In practice, this means we are positive and inclusive about making workplace adjustments, we offer regular health and wellbeing programmes, diversity and inclusion training, employee networks, mentoring and volunteering opportunities as well as investment into your professional development. You can read more about diversity and inclusion on our website.
By choosing Lloyd's, you'll be part of a team that brings together the best minds in the industry, and together with our underwriters and brokers, we create innovative, responsive solutions allowing us to share risk and solve complex problems.
Should you require any additional support with your application, or any adjustments, please click the following link;
Please note, clicking on this link does not register your application for the vacancy