BettingJobs is working with a well-established B2C casino operator with multiple brands, who are seeking to hire an experienced Data Privacy Analyst to join their team in Limassol.

Responsibilities:

• Manage and coordinate the response to data subject rights requests, including access, erasure, and portability, ensuring legal deadlines are met and operational risks are mitigated.
• Maintain and enhance the Record of Processing Activities, including working closely with business units to document data flows and processing operations.
• Conduct and review Data Protection Impact Assessments and Legitimate Interest Assessments, advising business stakeholders on risks and mitigation strategies.
• Support or lead vendor privacy risk assessments, including reviewing DPAs, SCCs, TIAs, and monitoring third-party compliance.
• Participate in the investigation and documentation of data breaches or incidents, including root cause analysis, risk assessments, and regulatory notification support.
• Collaborate with internal stakeholders across Legal, Security, HR, Marketing, and IT to embed privacy-by-design into products, services, and operations.
• Assist in regulatory readiness projects and maintain awareness of evolving privacy laws.
• Draft and update privacy notices, internal procedures, and awareness materials in collaboration with the DPO office.
• Monitor and analyse trends in privacy enforcement, industry best practices, and legislative developments to support continuous program improvement.

Requirements:

• 2–5 years of experience in privacy, data protection, legal, compliance, or risk roles.
• Solid understanding of GDPR and international privacy laws (CCPA, LGPD, etc.).
• Experience conducting DPIAs, vendor assessments, and responding to DSARs.
• Strong legal/technical acumen and ability to translate privacy requirements into practical actions.
• Excellent written and verbal communication skills, including experience with policy writing and stakeholder engagement.
• Self-starter with strong organizational and time management skills.
• Professional certifications such as CIPP/E, CIPP/US, CIPM, or equivalent.
• Experience in highly regulated or data-intensive industries (e.g., gaming, finance, fintech).
• Familiarity with GRC tools, privacy management software (e.g., OneTrust, TrustArc), or IT risk platforms.
• Experience contributing to regulatory audits, due diligence exercises, or internal investigations