BNP Paribas Group Overview
BNP Paribas Group has a presence in 75 countries with more than 185,000 employees, including 145,000 in Europe. It ranks highly in its two core activities: Retail Banking & Services and Corporate & Institutional Banking.
At BNP Paribas Group, we work continuously on behalf of our clients, helping them to realize their projects around the world. You can be an important part of this, helping us to serve our clients both in mature and emerging markets, providing them with financial solutions across a diverse range of expertise, products and services.
Strong risk management, combined with the stability that comes from being part of one of the largest banking groups in the world, underpin our success. Joining us, you'll become an integral part of a dynamic team that spans nationalities, cultures and backgrounds, drawing together people from around the globe and reflecting our commitment to international placements.
BNPP Group Personal Data Protection framework, defined to respond to the new General Regulation on Data Protection - GDPR coming into effect on 25 May 2018, relies on the accountability of teams within BNPP entities and territories in their processing of Personal Data (customer, employees, UBOs, representatives of corporate, vendors, etc.)
The 1st Line of Defence (Business, IT and CDO) has the responsibility to embed data protection regulations and Group policies and guidelines in the internal organization and processes within its perimeter (e.g. privacy by design, PIA, security measures, etc.)
DPC is positioned in the 2nd line of Defence (within RISK function), and will be responsible for the scope outlined under his/her responsibility. The DPC must assist the relevant DPO in supervising the compliance with data protection regulations and Group policies and guidelines, ensuring second level controls and giving the necessary guidance to support the 1st Line of Defence.
In order to ensure consistency with the Group's management structure, a DPC is positioned at Entity level. He/she will report to Data Protection Officer (DPO) of the relevant Business Line.
Key direct responsibilities
A DPC will be appointed with the following key direct responsibilities within his / her scope:
· Communication with external stakeholders, Data Protection Authorities and data subjects :
· Support the DPO by preparing the communication;
· Participate in exchanges with the relevant DPA and cooperate with the DPA, based on DPO's instructions.
2. Matters related to organization and framework related to personal data protection within his / her scope: