FullContact is the premier provider of SaaS-based identity resolution that empowers brands to improve their customer experience and authentically engage with consumers. Using a consumer-first approach with our product offerings, we aim to make relationships better and that starts with our employees. We offer excellent benefits for our teammates, including full medical and dental coverage, our famous “paid, paid vacation” and a generous stock option plan. You’ll join an innovative, enthusiastic team whose hard work helped us achieve recognition from the API awards, MarTech Breakthrough awards, and inclusion on the Inc. 5000 list for fastest growing companies.
As our Chief Privacy Officer, you will be responsible for leading our company’s data privacy strategy and advocacy. As part of FullContact’s Senior Leadership Team, you will play an instrumental part in owning and driving strategic decisions and overall data privacy strategy for the company. You will be called upon to evangelize our company externally and share our excitement.This role reports to the President - Enterprise Solutions and is a member of the Senior Leadership Team.
Privacy and risk compliance
GDPR resident expert
CCPA (and other US regulations) resident expert
Consistent supplier and customer compliance, indemnity and limits of liability
Data rights and audits
Lead all privacy related diligence efforts as it pertains to corporate development opportunities
Ensure consistency of policies
Identify risks and mitigation
Manage outside counsel required for privacy related matters
Builds a strategic and comprehensive privacy program that defines, develops, maintains and implements policies and processes that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality of data.
Ensures privacy forms, policies, standards, and procedures are up-to-date.
Works with organization senior leadership to establish governance for the privacy program.
Serves in a senior leadership role for privacy compliance.
Ensure alignment between security and privacy compliance programs including policies, practices, investigations.
Establishes an ongoing process to track, investigate and report inappropriate access and disclosure of data. Monitor patterns of inappropriate access and/or disclosure of data.
Performs or oversees initial and periodic information privacy risk assessment/analysis, mitigation and remediation.
Conducts related ongoing compliance monitoring activities in coordination with the organization's other compliance and operational assessment functions.
Takes a lead role, to ensure the organization has and maintains appropriate privacy and confidentiality consents, authorization forms and information notices and materials reflecting current organization and legal practices and requirements.
Oversees, develops and delivers initial and ongoing privacy training to the workforce.
Participates in the development, implementation, and ongoing compliance monitoring of all business associates and business associate agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed.
Oversees customer rights to inspect, amend, and restrict access to protected health information when appropriate.
Manages all required breach determination and notification processes under applicable State and Federal requirements.
Establishes and administers a process for investigating and acting on privacy and security complaints.
Performs required breach risk assessment, documentation, and mitigation. Works with Human Resources to ensure consistent application of responses for privacy violations.
Initiates, facilitates and promotes activities to foster information privacy awareness within the organization and related entities.
Maintains current knowledge of applicable federal and state privacy laws and accreditation standards.
Works with organization executive leadership, legal counsel, and other related parties to represent the organization's information privacy interests with external parties (state or local government bodies) who undertake to adopt or amend privacy legislation, regulation, or standard.
Cooperates with legal entities in any compliance reviews or investigations.
Serves as information privacy resource to the organization regarding release of information and to all departments for all privacy related issues.
Regular interaction with Executive Leadership and Board of Directors.
5-10 years of relevant and progressive Privacy experience, preferably in the SaaS AdTech/MarTech industry. The successful candidate will bring technical privacy expertise with superior knowledge, skills and experience in regulatory related matters, as well as strong operational and business process management.
Certified Information Privacy Professional (CIPP) certification is highly desired.
Experience working with U.S. Privacy and Data Protection laws and regulations.
Proven analytical, planning, problem solving, and decision-making skills; ability to quickly execute on strategic decisions to drive organizational results.
Demonstrated strong communication skills at all levels within the organization. Ability to translate technical content into business understandable terms; successful market-facing presentation skills with C-suite level executives and Board of Director members.
Superior matrix management and partnering skills with the ability to interact and quickly gain credibility and build collaborative working relationships to produce business results. Ability to work cross-functionally and manage partnerships across organizations.
Strong positive leadership skills with demonstrated ability to navigate through a dynamic environment.
Strong background of operational rigor and excellence.
Travel required - Up to 25%
All offers of employment at FullContact are contingent upon clear results of a thorough background check. FullContact is an Equal Opportunity Employer. FullContact does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law.