Data Protection Officer (DPO)
Skills
About the Role
You will act as the independent guardian of personal data privacy within Coins EU. You will monitor compliance, advise on data protection risks, liaise with supervisory authorities, and serve as the point of contact for data subjects. You'll work closely with Compliance, Legal, Product, Engineering, and Support teams to embed privacy-by-design practices across the organization, while operating independently and reporting to the highest management level in line with GDPR Article 38.
Requirements
- Based in the EU with the ability to liaise with EU supervisory authorities
- Proven experience as a DPO or in a senior privacy or compliance role
- Deep knowledge of the GDPR, EU data protection law, and data subject rights
- Familiarity with privacy risks in digital finance, crypto exchanges, or fintech
- Understanding of cross-border data transfers and third-party risk
- Fluency in English (written and spoken); additional EU languages (i.e. Polish) is highly preferred
- Strong communication and ethical leadership skills
- Legal degree or CIPP/E, CIPM, or similar certification preferred
- Experience working with or for national data protection authorities preferred
- Understanding of anti-money laundering (AML) frameworks and their intersection with data retention preferred
Responsibilities
- Monitor internal compliance with GDPR and national data protection laws
- Advise on data protection impact assessments (DPIAs), data transfers, and privacy-by-design practices
- Ensure documentation of processing activities (RoPA) is up to date and accurate
- Serve as the primary point of contact for EU data protection supervisory authorities
- Support the organization in handling user requests (access, erasure, portability, etc.)
- Coordinate with Compliance, Legal, Product, Engineering, and Support teams
- Review vendor contracts and ensure GDPR-compliant data processing agreements are in place
- Advise on lawful bases for processing, consent, and cross-border data transfers
- Monitor compliance with special category data (e.g., biometric data) processing
- Conduct internal training on data protection principles and GDPR responsibilities
- Raise awareness among leadership and staff regarding privacy obligations and best practices
- Operate independently and not receive instructions regarding the exercise of their tasks
- Report to the highest management level of Coins EU
Benefits
- Flexible remote working environment within the EU
