About Us

Debono Group is a long-established multifaceted group of companies whose primary aim is to achieve business growth through innovation. The company is well renowned in the market for Michael Debono Limited, an importer of Toyota in Malta. The business is however much more than just a Toyota Dealership. The company has grown and evolved – seeing three generations of the Debono family lead the business forward. Over the years the company ventured into various areas including the selling and servicing of commercial vehicles and motorcycles. It also invested in an engineering company that is focused on delivering Storage & Racking Solutions and in a technology company that delivers Customer Experience Solutions. Adding to this, the company built up a strong and diverse property portfolio.

The ideal candidate will have excellent organizational, communication, and management skills, along with an ability to lead training sessions and workshops for staff members. In this role, the data protection officer will often be asked to independently communicate with all relevant employees to promote data protection compliance within the organization.

The Position

• Serve as the main point of contact within the organization for staff members, regulators, and relevant public authorities on issues related to data protection
• Ensure that company policies are in compliance with codes of practice such as GDPR (General Data Protection Regulation)
• Evaluate the existing data protection framework to identify areas of no or partial compliance, and rectify any issues
• Devise training plans and provide data protection advice to staff members
• Inform and advise the data controller or data processor on all matters related to data protection
• Promote a culture of data protection and compliance across all units of the organization 
• Provide expert advice and educate employees on important data compliance requirements
• Oversee all data protection agreements and clauses, ensuring alignment with regulatory requirements such as GDPR and company policies
• Draft new and amend existing internal data protection policies, guidelines, and procedures, in consultation with key stakeholders
• Deliver training across all business units to staff members who are involved in data handling or processing
• Conduct audits to ensure compliance and to address potential issues
• Maintain records of all data processing activities of the company
• Serve as point of contact for data protection authorities

The Requirements

• Two or more years of experience in data protection compliance or related field
• Proficiency in conducting Data Protection Impact Assessments (DPIAs) to assess and mitigate risks associated with data processing activities
• Expertise in data protection laws and practices, including deep understanding of GDPR
• Experience in a legal, audit, or risk management role 
• Ability to work effectively under pressure and to manage sensitive and confidential information
• Excellent verbal and written communication skills, with strong attention to detail

 

What we Offer

• Competitive remuneration package
• Continuous development and mentoring
• Flexible working arrangement
• Health insurance
• Employee referral scheme
• Weekly breakfast
• Monthly treats
• Employee discounts

 

Apply for job