Specialist, Supplier Data Protection

Do you want to be a part of the world’s leading jewellery company? If yes, then we might have an exciting opportunity for you! You will be part of an exciting digital & tech area and work in an international organisation of can-do spirited, passionate, and performance-driven people. We value flexibility and informal working, where you are trusted to deliver and to focus on outcomes and value. 

About the Role 

You will play a key role in negotiating, drafting, and managing Data Processing Agreements (DPAs) to ensure compliance with global privacy regulations. Your role will be central to mitigating privacy risks, engaging with internal and external stakeholders, and supporting overall data protection governance. Your responsibilities will include: 

1. DPA Negotiation & Management: 

• Leading negotiations of Data Processing Agreements (DPAs) with vendors, partners, and third parties. 

• Assessing contractual terms to ensure compliance with GDPR, CCPA, and other relevant privacy laws. 

• Collaborating with compliance, legal, procurement, and security teams to align DPAs with company policies and risk thresholds. 

2. Contractual Compliance & Vendor Risk Management: 

• Working closely with procurement and vendor management teams to ensure that privacy and security clauses in vendor contracts meet regulatory requirements. 

• Conducting vendor due diligence, assessing privacy and security risks in relation to third-party data processing, e.g.: ensuring adequate security measures are in place, ensuring compliance with GDPR and similar provisions under global privacy laws, ensuring appropriate data protection safeguards for internation transfers (e.g., SCCs) are in place, etc. 

• Staying updated on evolving regulations affecting international data transfers, such as the EU-U.S. Data Privacy Framework. 

• Maintaining an internal DPA repository and ensure version control, documentation, and tracking. 

• Conducting supplier and vendor audits based on criticality and risk. 

In order to succeed

You are an excellent communicator with strong stakeholder management skills. You thrive when collaborating across departments, and have experience working with internal stakeholders to manage vendor relationships. You have an organized and detail-oriented approach to your work, and a problem-solving mindset. You are also able to interpret complex legal texts and translate them into operational business requirements. Additionally, we hope that you have: 

• Specialist knowledge of GDPR and solid understanding of other relevant privacy regulations 

• Strong contract negotiation skills, including redlining and amending DPAs 

• Professional English proficiency, both verbal and written 

• Either legal background or law degree, preferably with a focus on privacy or technology law 

• Experience working with privacy tech solutions (e.g., OneTrust, TrustArc, or similar tools), and knowledge of ISO 27701 or other privacy standards would be beneficial 

• Additional privacy certifications (CIPP/E, CIPP/T, CIPP/M or security-related credentials like CISSP) are a great plus, but not necessary 

Did we get your attention? 

We hope you got all your questions answered and feel confident applying for this position, however if you have more questions regarding the position, please contact: 

Kelly Kavarnou 

Global Recruiter 

kekav@pandora.net 

If you see yourself in the position and would like to become a part of Pandora’s future, please do not hesitate to apply. We are an international team, so please make sure to send us your application in English to be considered. We look forward to hearing from you! We process applications on a continuous basis, which is why we encourage you to send your application as soon as possible. You can also read more about Pandora on our corporate site www.pandoragroup.com. 

Our Office in Warsaw  

You will be working out of our beautiful Regional Digital & Technology Polish HQ in Warsaw, rapidly growing environment of highly skilled and experienced colleagues. Which is a key initiative that goes along with Pandora’s experience & ambitions.  

You will also be able to take part in creating eco-friendly environment – that we are not only talking about – but implementing. The result is a professional and dynamic environment that is unique, enjoyable and inspirational  and delivers a true Pandora experience to anyone who works here.   

About Pandora 

Pandora is the world's largest jewellery brand, specialising in the design, crafting and marketing of accessible luxury jewellery made from high-quality materials. Each piece is created to inspire self-expression, allowing people to share their stories and passions through meaningful jewellery. Pandora jewellery is sold in more than 100 countries through 6,800 points of sale, including more than 2,700 concept stores.