Key Responsibilities
- GDPR Compliance Oversight
  - Monitor internal compliance with GDPR and national data protection laws
  - Advise on data protection impact assessments (DPIAs), data transfers, and privacy-by-design practices
  - Ensure documentation of processing activities (RoPA) is up to date and accurate
- Stakeholder Engagement
  - Serve as the primary point of contact for EU data protection supervisory authorities
  - Support the organization in handling user requests (access, erasure, portability, etc.)
  - Coordinate with Compliance, Legal, Product, Engineering, and Support teams
- Risk Management & Privacy Governance
  - Review vendor contracts and ensure GDPR-compliant data processing agreements are in place
  - Advise on lawful bases for processing, consent, and cross-border data transfers (e.g., AWS Japan hosting)
  - Monitor compliance in the processing of special category data (e.g., biometric data)
- Training & Awareness
  - Conduct internal training on data protection principles and GDPR responsibilities
  - Raise awareness among leadership and staff regarding privacy obligations and best practices
Required Qualifications
- Based in the EU with the ability to liaise with EU supervisory authorities
- Proven experience as a DPO or in a senior privacy or compliance role
- Deep knowledge of the GDPR, EU data protection law, and data subject rights
- Familiarity with privacy risks in digital finance, crypto exchanges, or fintech
- Understanding of cross-border data transfers and third-party risk
- Fluency in English (written and spoken); additional EU languages (i.e., Polish) are highly preferred
- Strong communication and ethical leadership skills
- Legal degree or CIPP/E, CIPM, or similar certification
- Experience working with or for national data protection authorities
- Understanding of anti-money laundering (AML) frameworks and their intersection with data retention
- Independence and Resources
  - In line with GDPR Article 38, the DPO will:
    - Operate independently and not receive instructions regarding the exercise of their tasks
    - Report to the highest management level of Coins EU
    - Be provided with adequate resources to fulfill their duties
- The opportunity to define and uphold the privacy governance framework of a growing EU crypto platform
- Flexible remote working environment within the EU
- Competitive compensation
- A collaborative and transparent organizational culture