Data Protection Officer

  • Gurugram
  • Nykaa

Requirements - GDPR, CCPA, DPDPA, DPO, CIPP, ISO 27701, OneTrust

Key Responsibilities:

1. Monitor and ensure compliance with relevant data protection laws and regulations.

2. Conduct regular audits and assessments to identify and address privacy risks.

3. Develop and implement strategies to ensure ongoing compliance with evolving privacy requirements.

4. Develop, update, and implement comprehensive privacy policies and procedures.

5. Work closely with cross-functional teams to embed privacy principles into business processes and projects.

6. Provide guidance on data protection impact assessments (DPIAs) and ensure their completion where necessary.

7. Keep the organization informed about changes in privacy laws and best practices.

8. Establish and maintain processes for handling data subject rights requests.

9. Evaluate and monitor the privacy practices of third-party vendors and service providers.

10. Ensure that contracts with vendors include appropriate data protection clauses.

11. Collaborate with legal, Tech, and other relevant departments to address privacy-related issues.

12. Act as the primary point of contact for data protection authorities and communicate regularly with stakeholders.


1. Graduate in Computer Science or Information Security

2. 10-15 years of experience in data protection and privacy roles.

3. In-depth knowledge of global privacy regulations, including but not limited to GDPR, CCPA, DPDPA and other regional data protection laws.

4. Professional certification in privacy (e.g. CIPP/E, C-DPO, DCPLA, ISO 27701 ) is highly desirable.

5. Hands on experience in using privacy & security solutions such as OneTrust,, etc

6. Strong analytical and problem-solving skills.

7. Excellent communication and interpersonal skills.

8. Ability to work independently and collaboratively in a dynamic environment.