Indivumed is a biotech company focused on precision oncology. We discover therapeutically novel targets for the development of precision cancer therapeutics and strive for a future in which every cancer patient can benefit from precise therapeutic treatments. To achieve this goal, we dedicate our skills and knowledge in cancer research to the identification, validation, and preclinical development of first-in-class therapeutics. With more than twenty years of experience and a truly unique resource, based on a standardized collection process that secures a cold ischemia time of under 10 minutes, we are committed to transforming oncology and bringing the best possible therapies to patients. Temporary for 12 months as a parental leave replacement, we are currently looking for a Legal Counsel Data Protection & Compliance (m/f/d), part-time 15-20 hrs/week Your responsibilities: Inform, advise and issue recommendations to Indivumed regarding compliance with data protection laws particularly including to EU GDPR, with an openness to making yourself familiar with US HIPAA data protection regulations Under EU GDPR, identify business processes and systems that relate to the processing and storing personal data, and update and maintain the list of data processing activities Generate, update and maintain 'Data Protection Impact Assessments' as need be under EU GDPR, and update and maintain the company’s data deletion policies Work closely with relevant stakeholders on the creation and implementation of data protection by default and by design measures Review commercial agreements and contracts, including Data Processing Agreements with data processors, as well as customer questionnaires with regard to data protection Review, roll out and supervise staff awareness trainings to achieve compliance and foster a culture of data privacy within the organization Help to determine the appropriate safeguards (including technical and organizational measures) for mitigating any risks to the rights and interests of data subjects Generate mandatory reports on the status of data protection in the organization Cooperate with supervisory authorities and auditors, where required Support the organization with regard to various regulatory and compliance matters including biospecimen collection, access to and handling of medical data, anti-corruption and anti-money-laundering regulations, and export controls Our requirements: Master or comparable degree in law or business law 2-5 years of proven track record in practically handling EU GDPR topics and dealing with related data processing agreements, consent forms, data management contracts, and confidentiality agreement; experience as DPO would be a plus Clear affinity towards IT, digitization and data-driven business First experience in pharma or biotech industries would be a plus Open-minded and quick to grasp new tasks and topics Team worker with decided hands-on and service mentality Very good communication and presentation skills, fluency in English (written and oral) and very good command of German (C1/C2) Your benefits Demanding area of responsibility in a fast-growing company Grant for the HVV ProfiTicket/Deutschlandticket Subsidy for sports membership and events Company pension scheme Company doctor Fresh fruits and drinks Christmas and summer party Flexible working hours German and English courses 30 days holiday The 24th and 31st of December are holidays and won´t be deducted from your annual holidays. Would You Like to Contribute to the Success of Our Company? Please apply online and include your salary expectations and current notice period. Use our “Apply now” button here