Role reporting to the EVP Governance, Risk and Compliance. Scope and organization The scope of the Group Data Protection Office covers all GEODIS activities worldwide. The Group Data Protection Officer relies on a network of Data Protection Correspondents in the Regions, Lines of Business and Functions. These Correspondents are not fully dedicated to Data Protection (DP), they combine this role with IT and/or Compliance functions in their organization and ensure first-level answer for the missions described below. Mission and key activities The Group Data Protection Officer: - is the central point of contact to inform and provide expert advice on all matters related to Data Protection; - leads, supports and monitors the activity of the Correspondents on a second level; - collaborates with all Functions (notably legal, HR, procurement, IT, marketing and sales), all Regions and Lines of Business, and develops strategies and initiatives to ensure engagement with key stakeholders; - promotes a culture of Data Protection across the Group; develops, arranges and delivers training (e-learning, in-presence, webinar, etc.) on Data Protection to employees and managers who are involved in data handling all over the Group; - continuously evaluates and monitors compliance with Data Protection standards; prepares, launches, monitors and analyzes self-assessments to evaluate the existing Data Protection framework and identify areas of improvement; - drafts new and updates existing Data Protection policies, guidelines, and procedures, in consultation with key stakeholders; - reviews and drafts contractual clauses or Data Protection agreements to adapt standards or review partner models (for any processing with a Data Protection risk); liaises with the internal process owners and the third-party data controllers or processors to identify the best approach and advise accordingly; - monitors compliance with Data Protection regulations wherever the Group operates; monitors adaptation to local privacy laws in coordination with local Correspondents; follows-up with changes in law and major sanctions in order to issue recommendations in a continuous improvement approach; - participates to all projects involving personal data to ensure privacy by design; - ensures documentation of data processing for proper accountability; helps identifying and evaluating data processing activities, notably those with higher risk; and provides advice on how to conduct Data Protection Impact Assessments (supporting tool OneTrust). The Group Data Protection officer will be the main interlocutor of the CNIL