Data Privacy Manager (Data Mapping Team)

Vilnius / Berlin

Vinted logo


Join a second-hand fashion community of more than 45 million members. Give pre-loved fashion a second life and make money selling items you no longer need.
Apply now Apply later

Vinted is Europe’s biggest pre-loved fashion marketplace, with 45 million members in 15 countries. We want to make second-hand the first choice worldwide.
A team of over 1000 people from Vinted’s offices in Vilnius, Berlin, Prague, Amsterdam, and Utrecht develop and support our platform. We share a unique work culture that’s based on aiming high, taking ownership, co-creating, caring, and growth.
Vinted is committed to building an inclusive workplace where people from all walks of life feel a sense of belonging. We welcome applications from all suitably qualified persons regardless of their race, colour, national origin, citizenship, sex, gender identity, sexual orientation, religion/beliefs, disability or age. We truly believe when we can be fully ourselves, we work better.
As a part of Vinted’s Privacy Team, you will be supporting implementing Vinted’s overall compliance roadmap and ensuring a successful members’ experience when it comes to data privacy. You’ll work towards achieving privacy objectives and key results by taking ownership of cross-functional, organisation-wide activities, such as continuing a successful implementation of ROPAs, Privacy by Design and Data Governance. 
You will have a team of four data privacy specialists where we expect you to be responsible for providing guidance, training, and leadership skills and competences to inspire the team to perform and achieve Privacy Team results. You will also participate in scaling the team and hiring activities with the goal of creating a cohesive team that works efficiently together. 
As part of this role, you will collaborate with other teams such as Data, Engineering, Legal, Product and Analytics to implement data mapping objectives and key results, and assist in launching data governance program. You’ll become a part of the ambitious and data-focused Privacy team, which is centered on creating a long-term sustainable data protection program.

In this position, you will:

  • Maintenance of records of processing activities (ROPAs) in accordance with GDPR Art. 30 using OneTrust tool
  • Mapping new initiatives, including new launches, processing activities, infrastructure
  • Providing legal guidance/expertise to relevant stakeholders when mapping the new initiatives
  • Identifying ways how to track and always keep on top of all the data flows within the organisation
  • Ensuring third-party vendor due diligence processes and assessments
  • Coordinating between third-party vendor and new processing activity mapping
  • Performing privacy assessments such as DPIAs, LIAs, TIAs etc. 
  • Support in the risk management process by conducting privacy assessments to identify risks 
  • Coordinating and leading risk mitigation activities 
  • Ensuring data quality and implementation of data protection rules in practice, such as data ownership, activity logs, access restrictions, transparency, etc. 
  • Systematically reviewing Vinted infrastructure to ensure relevant data privacy rules are followed
  • Preparing related privacy documentation (strategies, memos, guidelines)
  • Help with ad-hoc Vinted data protection tasks (training and awareness, internal support, data access requests, DPA inquiries, etc.) 

About you:

  • Have at least 2 years of experience with data protection and privacy
  • Good knowledge of GDPR and other data protection laws, as well as the main soft law sources (e.g. guidelines of EDPB, Article 29 Working Party, DPAs)
  • Be able to translate GDPR and other data protection requirements into business language
  • Good analytical skills, including the ability to assess risk and impact from a privacy and data protection perspective
  • Excellent project management skills, including keeping up with tight deadlines, coordination among multiple stakeholders, delivery of results
  • Ability to multitask and to coordinate different interests of different business owners when looking for the best privacy solution
  • Attention to detail and accuracy when accomplishing tasks
  • Excellent at communicating in spoken and written English
  • Advantage: Knowledge of Privacy by Design and security standards 
  • Advantage: Privacy certification such as CIPP/E, CIPM, ISEB, ECPC DPO
  • Advantage: experience with OneTrust tool

Work perks:

  • Opportunity to join our share options programme
  • Learning budget (13.2% from net yearly salary in Vilnius; 10% from gross yearly salary in Berlin) 
  • 25 working days of holiday in Vilnius; 30 days in Berlin
  • Remote workout classes
  • Mental- and emotional-health support from Mindletic
  • Private health insurance (Vilnius office)
  • A canteen that serves homemade food at friendly prices (Vilnius office)
  • A daily allowance for ordering lunch (Berlin office)
  • Monthly team-building events
  • A personal budget for shopping on Vinted
  • Work anywhere in the EU for 90 days out of the year
  • Dog-friendly office
  • Home office support (IT workstation equipment provided + a personal budget of up to 540 € for home workplace furniture) 
We want people to work from where they’re most comfortable, which is why we’re using a hybrid workplace model at Vinted for the foreseeable future.
Hybrid means that we encourage working from the office on Tuesdays and Wednesdays and the remainder of your time from either home or the office, but it’s not required. You’re welcome to work from either location all or some of the time, depending on what you think is best and safest for you, and how the Covid-19 situation is developing where you are.
The salary range for this position starts from 3419 EUR gross per month upwards, depending on location and level of experience.
If this sounds interesting – you may well be just who we need.
Job region(s): Europe
Job stats:  4  0  0
  • Share this job via
  • or

Explore more Information Security career opportunities