Legal Counsel - Privacy and Data Protection


Job Description
Our Purpose We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team - one that makes better decisions, drives innovation and delivers better business results. Job Title Legal Counsel - Privacy and Data Protection Who is MasterCard What role do we play in the modern world? Are we an enabler of purchases or a facilitator for transactions? We play a much larger role in the world by enabling those that have no access to financial systems - every employee has the opportunity to be a part of something bigger and to change lives. We have the technology, people and Brand to serve modern society. Today, we are a global tech company that connects everyone to endless possibilities, priceless possibilities. Overview * Mastercard is committed to balancing innovation while protecting individual privacy and has embraced privacy and data protection as core to the successful execution of its business strategy * As part of that commitment Mastercard has established a world-class privacy program and is currently adding talent to its global team. * With Senior Counsel's support, the Counsel will drive privacy compliance counselling in Mastercard's NPP (New Payment Platforms ("NPPs") * Applications area in the LAC region with dedicated focus on privacy * Integration of a newly acquired NPP Applications legal entity in the region. Role The Role will include privacy counselling related to account-to-account payment services, invoice payment and other ancillary payment services and be responsible for ensuring compliance of Mastercard products and services with LAC region specific privacy & data-related laws, but also including the EU General Data Protection Regulation ("GDPR"). The Counsel will work directly with the business to implement Privacy by Design in products and processes while enabling business innovation. * The Counsel will also play a key role in respect of privacy integration related to NPP Applications acquisitions in LAC region * The position is an LAC NPP Applications regional position and will report to global NPP Applications Senior Counsel - Privacy & Data Protection in Denmark and will be a member of the Global Privacy & Data Protection team. * The position will be based in Mexico City or in Miami. * The ideal candidate will have good stakeholder management skills and have good understanding of strategic needs of internal and external business clients and their objectives while ensuring that the corporation remains compliant with privacy & data-related laws, as well as industry best practices. * With Senior Counsel support, ensure alignment and best-in-class compliance and privacy integration for NPP Applications LAC in terms of Mastercard alternative payment solutions via its NPPs, including a range of account-to-account payment services, invoice payment and other ancillary payment services, with Mastercard's policies, procedures and processes and with applicable privacy and data -related laws, such as local LAC regulation and the GDPR. * With Senior Counsel support, enable the development of data-driven and innovative alternative and instant payment solutions through Privacy by Design methodology; ensure appropriate documentation is in place in accordance with GDPR accountability requirements and assist conducting Data Protection Impact Assessments as needed. * Draft and review data processing agreements and participate in negotiations with customers, partners and vendors. * Stay updated on new privacy and data-related regulatory developments that may impact Mastercard's NPP Applications area, including a range of account-to-account payment service, invoice payment and other ancillary payment services * Engage with the NPP Applications organization on privacy and data-related matters, e.g., through employee training and raising employee awareness about relevant regulatory or industry developments. All About You * Law degree required. Membership to a Bar (if permitted by law). Any additional qualifications (e.g., Privacy certification) * Spanish speaking and English speaking * Knowledge of LAC region specific regulatory privacy guidance preferred and general knowledge of GDPR is an asset. * Familiarity with and interest in financial services industry and payment processing including alternative payment solutions and new payment platforms is preferred. * Strong analytic capabilities and written and oral communication skills. Attention to detail is a must. * Exceptional interpersonal skills with proven experience in relationship building and partnering. Must work well in both team and individual settings, including across LAC jurisdictions. * Ability to inspire, guide and influence highly skilled professionals on the compliance journey COVID-19 Considerations We value the safety of each member of our community because we know we're all in this together. In many locations, which may change over time, we've implemented a virtual hiring process and continue to interview candidates by video or phone. In addition, in some locations, only individuals who have been fully vaccinated will be permitted inside Mastercard offices until further notice. In the US, Mastercard is a government contractor, which may legally require most Mastercard employees to be vaccinated unless a verified approved medical or religious exemption is granted. Further, we are currently making every effort towards having employees return to work in the office 2 days per week, if that makes sense for their team. Everyone must be vaccinated to enter Mastercard offices at this time. Therefore, we expect all candidates to be vaccinated or to be approved for a medical or religious accommodation prior to commencing work at Mastercard. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: * Abide by Mastercard's security policies and practices; * Ensure the confidentiality and integrity of the information being accessed; * Report any suspected information security violation or breach, and * Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.