Global Head of Marketing and Consumer Data Compliance
Diageo Business Services (DBS) is passionate about creating value for Diageo by driving exceptional business performance through the design and delivery of analytical solutions, integrated processes, systems and data, and managing total costs through excellence in service delivery.
The role of the Marketing and Consumer Data team is to enable marketing budget optimisation through the provision of cleansed, harmonised and compliant marketing performance data, and to actively improve it to increase business performance.
This is achieved through a thorough knowledge and understanding of the data and information architecture & design; governance of said design and measurement of data and information quality to identify process and performance improvements, and to meet its regulatory requirements with regards to data and information.
The role of the Global Head of Marketing and Consumer Data is accountable for the business’ compliance with global, regional (e.g. GDPR) and local data protection obligations and associated actions in respect of 1st, 2nd and 3rd party marketing and consumer data (digital and non-digital) and ensuring appropriate governance.
Purpose of Role
The role of the Global Head of Marketing and Consumer Data is accountable for the business’ compliance with global, regional (e.g. GDPR) and local data protection obligations and associated actions in respect of 1st, 2nd and 3rd party marketing and consumer data (digital and non-digital) and ensuring governance models are effective.
- Definition of the business’ consumer data policies and associated communications and training to ensure adherence by local teams
- Responsibility for 1st party consumer data capture governance, consumer core data set maintenance
- Responsibility for creation and maintenance of the media GDPR vendor list, processing activities register, record retention schedules, disaster recovery plans, information asset inventories (IAIs) and actions to manage risk / ongoing compliance
- Responsibility for ensuring local data strategies and marketing platform implementations are compliant with legal requirements for data hosting and storage
- Coordination of various internal to ensure ongoing compliance with the business’ data protection obligations
- Ownership of the subject access request (SAR) and deletion request process (inc. status reporting), ensuring integration of new data sources when required
- Own and embed agreed data standards and controls including data quality standards and operating processes
- Responsibility for ensuring global 1st, 2nd and 3rd party data collection and usage is compliant with the business’ responsible drinking obligations
- Roll-out of capability for all Business Owners to ensure understanding of expectations and actions
- Internal reporting on the management of our media and consumer data protection obligations including preparation for internal governance meetings and stakeholders
- Ensure any new agencies/media partners complete GDPR and Digital Code training
- Chair Media GDPR forum meetings, ensuring actions are allocated and followed up on
- Manages risks and issues log and ensures mitigation plans in place by owners
- Stay up-to-date with the business’ local, regional and global data protection obligations and ensure embedded policies and controls are aligned with the latest developments and guidance
What you need to be successful in this role
- Expert knowledge and 8+ years’ experience of working with the practical application of the data protection legislation, (GDPR most recently), with a compliance, IT security, legal or audit background
- Deep understanding of global PII, PCI, Data Protection, Security, Cookies standards and protocols
- Solid understanding of and 5+ years’ experience with marketing and consumer data platforms (with a focus on digital ad-tech), and how personal data is stored, processed and activated
- Recognised privacy qualifications e.g. IAPP / GDPR Practitioner, a plus
- Previous experience of monitoring compliance with regulatory requirements
- Experience in managing data incidents and breaches and remediation
- Knowledge of current and emerging cybersecurity risks and information security standards
- Ability to make good judgements regarding data privacy risks and to prioritise resources and activity around managing those risks
- Excellent senior stakeholder management, including the ability to communicate effectively
- Strong personal communication skills capable of dealing with a wide range of stakeholders, including senior management, and to exercise professional judgement effectively
What's in it for you
- Working with various senior stakeholders in multicultural, cross boarder team
- Have ownership of an exciting area and directly influence marketing
- Be part of and shape a new area with a prospect for long journey
- Enjoy our company Bar and Shop