Data Protection Officer
Nairobi, Kenya
Job description
Reporting to the Cluster General Manager, responsibilities and essential job functions include but are not limited to the following:
· Ensure compliance with Kenya’s Data Protection Act (2019), GDPR (where applicable), and Accor Group Data Protection policies.
· Serve as the main point of contact between the hotel cluster and the Office of the Data Protection Commissioner (ODPC) and other relevant regulatory authorities.
· Monitor changes in data protection legislation and update policies accordingly.
· Develop, implement, and maintain internal data protection policies and procedures.
· Conduct regular audits and assessments of data processing activities across departments (Front Office, Reservations, IT, Finance, Sales & Marketing, etc.).
· Ensure all departments adhere to approved data handling and processing protocols.
· Develop and deliver ongoing training programs for employees on data privacy, confidentiality, and best practices.
· Promote a culture of data privacy and security across both properties.
· Evaluate and advise on the data protection impact assessments (DPIAs) for new projects or technologies involving personal data.
· Respond to and manage data breaches in accordance with internal protocols and regulatory requirements.
· Maintain a data breach register and report incidents to management within statutory timelines.
· Work closely with Front Office, Reservations, HR, IT, Marketing, and third-party vendors to ensure data processing activities comply with privacy regulations.
· Maintain a data processing inventory and ensure accurate recordkeeping of guest and employee data practices.
· Facilitate and manage all requests relating to the rights of data subjects (access, correction, erasure, restriction, etc.).
· Maintain records of all such requests and ensure timely and compliant responses.
· Liaise with Accor regional DPOs and regional teams to ensure alignment with global policies.
· Prepare regular compliance reports for the Cluster General Manager.
· Collaborate with IT and Security teams to ensure technical safeguards are adequate and up to date.
Qualifications
· Bachelor's degree in Law or relevant degree in Information Security or Technology, Data Governance, or a related field.
· Certified Data Protection Officer (CDPO), CIPP/E, CIPM, or other relevant certification is an asset.
· Minimum 3 years of experience in IT Department/Data protection, compliance, legal, or risk management, preferably in hospitality or multinational settings.
· Strong knowledge of Kenyan Data Protection Act 2019, GDPR, and international data privacy frameworks.
· Experience conducting data audits, managing privacy impact assessments, and handling data breaches.
Additional Information
Physical Aspects of Position (include but are not limited to):
· Constant standing and walking throughout shift
· Frequent standing and walking throughout shift
· Occasional lifting and carrying up to 30 lbs
· Occasional kneeling, pushing, pulling, lifting
· Occasional ascending or descending ladders, stairs and ramps