Job Description:
Following the acquisition of Pinkvilla, Flipkart's Ethics & Compliance (E&C) team is seeking a highly motivated Manager to be based at the Pinkvilla office in Mumbai. This role is a critical bridge, acting as the primary point of contact (POC) for all E&C matters, including a special focus on implementing the Digital Personal Data Protection Act (DPDPA), 2023.
This individual will function as a Program Management Office (PMO) for all E&C initiatives, ensuring Pinkvilla's operations align with Flipkart's policies and applicable laws. The candidate will work closely with Pinkvilla leadership and the central Flipkart E&C Subject Matter Experts (SMEs) to drive a culture of compliance.
E&C PROGRAM MANAGEMENT & COLLABORATION
- Serve as the single, primary point of contact for all communication and collaboration between Flipkart E&C Subject Matter Experts (SMEs) and the Pinkvilla team across all compliance domains (e.g., Anti-Corruption, Sanctions, Consumer Protection, Privacy, Employment Laws, License & Permits, Safety, Anti-Money Laundering etc.).
- Establish and maintain a comprehensive compliance roadmap and tracking mechanism for all applicable E&C programs, ensuring deadlines are met and status is accurately reported to leadership.
- Work with all applicable stakeholders to ensure Pinkvilla's operational procedures and internal controls are consistently aligned with the standards set by broader Flipkart E&C policies.
- Act as a bridge between the central E&C team and the Pinkvilla business and operations teams on the ground.
DATA PRIVACY COMPLIANCE
- Drive the strategy, planning, and execution required to make Pinkvilla compliant with the DPDPA, 2023, specifically focusing on the obligations of a Data Fiduciary.
- Translate newly identified legal and regulatory DPDP Act requirements into specific, actionable compliance standards and internal controls for Pinkvilla's processes and systems.
- Establish and manage robust mechanisms for obtaining, withdrawing, and managing valid, explicit, and informed consent (Notice & Consent) from Data Principals (users).
- Implement and manage processes to facilitate and respond to requests related to the Rights of the Data Principal.
- Assist in drafting and operationalizing data privacy policies, procedures, and guidelines tailored for Pinkvilla.
- Determine the need for performing Data Protection Impact Assessments (DPIAs) and assist with their execution.
RISK, MONITORING & ALIGNMENT
- Conduct focused DPDPA gap assessments on Pinkvilla's data flows, processing activities, and vendor contracts.
- Assist in the monitoring of all compliance areas at Pinkvilla, identifying potential risks and gaps.
- Translate complex legal and regulatory requirements (from all E&C domains) into clear, actionable business processes and controls.
- Develop and use metrics to measure and report on the status of compliance program execution and maturity at Pinkvilla.
TRAINING & AWARENESS
- Coordinate the deployment and tracking of mandatory compliance training (e.g., Code of Conduct, POSH, Anti-Corruption) for all Pinkvilla employees.
- Develop and deliver relevant SMA-focused training materials to drive awareness of compliance requirements throughout the Pinkvilla organization.
Qualifications and Experience:
- 3+ years of relevant experience in compliance, legal, risk, or program management.
- Educational background as an LLB, CA, or a management graduate.
- Exceptional organizational, project management, and cross-functional collaboration skills.
- Proven ability to translate complex legal and regulatory requirements into clear, actionable business processes.
- Experience in data privacy compliance, with specific knowledge of the DPDPA, 2023, is highly desirable.
- Self-starter with the ability to work independently and manage multiple priorities simultaneously.
- Excellent interpersonal and communication skills; fluent in English, both verbally and in writing.
- Preferred: Professional credentials such as CIPP/E, CIPP/APAC, CIPM.
- Preferred: Knowledge of international standards such as ISO 27001, ISO 27701.
