Apply now »

Supplier Data Protection Specialist

City:  Warsaw
Country/Region:  PL
Application Deadline:  2025

PANDORA’s Digital & Technology Hub in Warsaw is a key part of the world’s largest jewelry brand, supporting millions of people in expressing their emotions through meaningful jewelry. As one of our fast-growing global locations, Warsaw Hub plays a vital role in driving digital innovation, delivering scalable technology solutions and supporting our global transformation journey. Our teams work closely with colleagues across the globe, including our headquarters in Copenhagen, to shape the future of digital in retail and e-commerce. We’re proud of our inclusive, people-first culture, guided by our values: We Care, We Dream, We Dare, We Deliver.

 

About the Role – Supplier Data Protection Specialist:

 

You will play a key role in negotiating, drafting, and managing Data Processing Agreements (DPAs) to ensure compliance with global privacy regulations. Your role will be central to mitigating privacy risks, engaging with internal and external stakeholders, and supporting overall data protection governance.

 

Your responsibilities will include: 

 

1. DPA Negotiation & Management: 

  • Leading negotiations of Data Processing Agreements (DPAs) with vendors, partners, and third parties. 
  • Assessing contractual terms to ensure compliance with GDPR, CCPA, and other relevant privacy laws. 
  • Collaborating with compliance, legal, procurement, and security teams to align DPAs with company policies and risk thresholds. 

 

2. Contractual Compliance & Vendor Risk Management: 

  • Working closely with procurement and vendor management teams to ensure that privacy and security clauses in vendor contracts meet regulatory requirements. 
  • Conducting vendor due diligence, assessing privacy and security risks in relation to third-party data processing, e.g.: ensuring adequate security measures are in place, ensuring compliance with GDPR and similar provisions under global privacy laws, ensuring appropriate data protection safeguards for internation transfers (e.g., SCCs) are in place, etc. 
  • Staying updated on evolving regulations affecting international data transfers, such as the EU-U.S. Data Privacy Framework. 
  • Maintaining an internal DPA repository and ensure version control, documentation, and tracking. 
  • Conducting supplier and vendor audits based on criticality and risk. 

 

In order to succeed:

You are an excellent communicator with strong stakeholder management skills. You thrive when collaborating across departments and have experience working with internal stakeholders to manage vendor relationships. You have an organized and detail-oriented approach to your work, and a problem-solving mindset. You are also able to interpret complex legal texts and translate them into operational business requirements.

 

Additionally, we hope that you have: 

 

  • Specialist knowledge of GDPR and solid understanding of other relevant privacy regulations 
  • Strong contract negotiation skills, including redlining and amending DPAs 
  • Professional English proficiency, both verbal and written 
  • Either legal background or law degree, preferably with a focus on privacy or technology law 
  • Experience working with privacy tech solutions (e.g., OneTrust, TrustArc, or similar tools), and knowledge of ISO 27701 or other privacy standards would be beneficial 
  • Additional privacy certifications (CIPP/E, CIPP/T, CIPP/M or security-related credentials like CISSP) are a great plus, but not necessary 

 

 

 

Our Offer

  • Stable employment on the basis of an employment contract with a basic salary and a achievable annual bonus 
  • Hybrid work model (our office is located at Domaniewska 28, with free employee parking available upon prior reservation)
  • Attractive discounts on Pandora products
  • Flexible working hours (start 7am-10am, finish 3pm-6pm)
  • Support for professional competence development (including knowledge sharing, professional training)
  • PREMIUM package of MEDICOVER medical care with dental care
  • Generali Life Insurance
  • Sports membership card
  • Benefits available in cafeteria program on the MyBenefit platform
  • Additional days off e.g. for birthdays, health check
  • Subsidy for your home office equipment
  • Employee Pension Plans (PPE)
  • Additional benefits under the company's social fund (e.g., holiday or kindergarten subsidies)
  • Employee Referral Program 

Apply now »