Rolex Data Protection Officer (DPO)

About Rolex

Rolex is a Swiss maison renowned for the design, manufacture and distribution of high‑end mechanical timepieces. The brand is widely recognised for technical excellence, vertical integration and rigorous quality control; as an employer it prizes discretion, precision and long‑term craftsmanship across manufacturing, retail and corporate functions.

Role & Responsibilities

• Act as the organisation's designated Data Protection Officer: advise on GDPR and Swiss data protection obligations and monitor ongoing compliance.
• Design, implement and oversee privacy governance frameworks, policies and procedures across corporate, retail and manufacturing operations.
• Lead Data Protection Impact Assessments (DPIAs) and maintain records of processing activities (RoPA).
• Coordinate cross‑functional privacy activities with Legal, IT, HR, Marketing, Retail and Supply Chain stakeholders to embed Privacy by Design and by Default.
• Manage incident response for personal data breaches, including internal investigation, regulatory notification and remedial action.
• Provide targeted training, awareness programmes and audits to ensure operational adherence to privacy requirements.
• Serve as the primary liaison with supervisory authorities and external counsel on regulatory enquiries and enforcement matters.
• Conduct regular compliance reviews, gap analyses and remediation roadmaps; report findings to senior management and governance bodies.

Qualifications

• Demonstrable expertise in EU GDPR and Swiss Federal Act on Data Protection (FADP); ability to interpret and apply privacy law in complex multinational operations.
• Proven track record (typically 5+ years) in a privacy, compliance or data protection role within regulated or international companies.
• Relevant professional certification preferred (e.g., IAPP CIPP/E, CIPM or equivalent) or legal qualification with privacy specialisation.
• Strong communicator with ability to translate legal requirements into operational controls and to brief senior executives.
• Experience conducting DPIAs, managing breach notifications and interfacing with data protection authorities.
• High degree of discretion, ethics and familiarity with managing confidential information in luxury or high‑security environments.

Skills

Experience

Five or more years of progressively responsible experience in data protection, privacy compliance or a closely related legal/compliance function, ideally within a multinational, regulated or luxury goods environment. Demonstrated experience running DPIAs, managing cross‑border data flows and engaging with supervisory authorities is essential.

Education

Bachelor's degree in Law, Information Security, Computer Science, or a related discipline; advanced degree or specialised privacy/legal certification preferred.

Workplace

Culture

Rolex cultivates a culture of technical excellence, meticulous attention to detail and professional discretion. The workplace emphasises cross‑functional collaboration between master craftsmen, engineers and corporate specialists, with a strong focus on long‑term quality, confidentiality and regulatory integrity.

About Cerulean

Cerulean is the definitive career portal for the global luxury industry. We match exceptional professionals with exclusive opportunities at the world's most prestigious brands. From haute couture and fine watchmaking to prestige beauty, hospitality, and boutique retail, Cerulean centralises luxury employment to help you find the career for which you were destined.