Privacy Officer

Privacy Officer

Operating with significant autonomy and high visibility across the organization, you will partner with the Data Protection Officer and lead the execution and continuous evolution of the privacy program, with accountability for strategic initiatives, regulatory risk management, stakeholder alignment, and operational excellence.

**Key Responsibilities**
- Serve as a trusted advisor and strategic partner to executive and senior leadership teams on all matters related to data privacy, data ethics, and regulatory compliance.
- Support the implementation and maturity of Bulgari’s Global Privacy Framework, ensuring full integration with business objectives and alignment with LVMH Group policies.
- Support the development and governance of cross-functional privacy initiatives, including Privacy by Design, Data Protection Impact Assessments (DPIAs), and global Records of Processing Activities (RoPA).
- Proactively identify and assess emerging privacy risks stemming from new technologies (AI, digital platforms, CRM, etc.), regulatory changes (GDPR, AI Act, Data Act), and evolving business models.
- Ensure end-to-end compliance with international data protection laws and industry standards, acting as a key point of escalation for high-risk processing activities and complex privacy scenarios.
- Coordinate internal privacy investigations and manage data breach response activities in collaboration with Legal, IT Security, and Risk.
- Monitor changes in global privacy legislation and translate them into actionable operational and policy updates across all affected business units.
- Evaluate third-party privacy risks (vendors, platforms, tools) through rigorous Third-Party Risk Management (TPRM) assessments.
- Leverage technology to enforce governance, document decisions, and report on KPIs, program effectiveness, and regulatory readiness.
- Design and continuously refine privacy operating models, policies, standard operating procedures (SOPs), and training frameworks.
- Own and lead key privacy projects or workstreams end-to-end, coordinating cross-functional teams and external consultants when needed.
- Drive a company-wide privacy culture through customized awareness programs, role-based training, and leadership briefings.
- Champion ethical data use, transparency, and accountability as part of Bulgari’s digital transformation and customer trust initiatives.
- Mentor privacy professionals or interns and contribute to knowledge-sharing and upskilling within the wider Compliance & Cybersecurity Department.

Responsabilità del lavoro

**Required Qualifications and Experience**
- Master’s degree in Law, Information Security, Data Governance, Technology, or equivalent.
- 8+ years of full-time experience in Privacy and Data Protection, preferably in complex, regulated environments (luxury, consumer goods, technology, finance, or consulting).
- Proven experience leading privacy programs or frameworks across multiple geographies and business domains.
- Deep knowledge of the GDPR and related regulations (AI Act, Data Act, etc.) with a practical, business-focused mindset.
- Previous exposure to DPO support roles, internal counsel functions, or senior privacy advisory capacities.
- Demonstrated experience handling cross-border data transfers, including SCCs, BCRs, and adequacy assessments.
- Fluency in Italian and English

**Technical & Analytical Skills**
- Proficient with privacy management technology, e.g. OneTrust, Microsoft Office and Internet/Web-based Applications.
- Familiarity with data lifecycle governance, data discovery/classification technologies, and GRC tooling.
- Solid understanding of cloud environments, cybersecurity principles, and third-party ecosystems.

**Certifications**
- IAPP certifications such as CIPP/E, CIPM, CIPT or FIP.
- ISO/IEC 27701, CDMP, CISM, or related privacy/compliance certifications are a plus.
- JOB NUMBER**

**BULG09480**:

- COUNTRY / REGION**

**Italy**:

- CITY**

**ROME**:

- CONTRACT TYPE**

**Permanent**: