We are seeking an experienced Data Protection Officer (DPO) to lead our organisation's compliance with the Digital Personal Data Protection (DPDP) Act, 2023 and all applicable privacy regulations. The DPO will oversee data governance across digital platforms, healthcare systems, e-commerce, CRM, and operational applications.
Key Responsibilities:
- Ensure full compliance with DPDP Act and internal data-privacy policies.
- Conduct privacy risk assessments, data audits, and maintain Records of Processing Activities (RoPA).
- Review data flows across systems (CRM, SLIMS, D365, Shopify/Magento, mobile apps, websites).
- Oversee consent management, data subject rights, and incident response from a privacy standpoint.
- Collaborate with Tech, Legal, Marketing, Sales, and Operations to ensure privacy-by-design.
- Manage vendor privacy compliance and Data Processing Agreements.
- Lead training and awareness initiatives for employees and partners.
Requirements:
- 715 years in data privacy, compliance, IT governance, or related domains.
- Strong understanding of DPDP Act, GDPR principles, and data-governance frameworks.
- Experience with digital/healthcare/CRM/e-commerce platforms preferred.
- Certifications such as CIPP/E, DPO Certification, ISO 27001 Lead Implementer are a plus.
- Excellent communication, documentation, and cross-functional coordination skills.
