Legal Director, Privacy

**About Restaurant Brands International**:
Restaurant Brands International Inc. is one of the world's largest quick service restaurant companies with more than $35 billion in annual system-wide sales and over 28,000 restaurants in more than 100 countries. RBI owns four of the world's most prominent and iconic quick service restaurant brands - TIM HORTONS®, BURGER KING®, POPEYES® and FIREHOUSE SUBS®. These independently operated brands have been serving their respective guests, franchisees and communities for decades. Through its Restaurant Brands for Good framework, RBI is improving sustainable outcomes related to its food, the planet, and people and communities.

**Legal Director, Privacy** **& Data Protection - EMEA & APAC**

**Our opportunity for you**:
RBI is one of the world's largest quick service restaurant companies with over 27,000 restaurants in more than 120 countries. RBI owns three of the world's most prominent and iconic quick service restaurant brands - Tim Hortons®, Burger King®, Firehouse Subs®, and Popeyes®.

RBI's Global Privacy Program continues to mature in response to enhanced regulatory and enforcement risks, increased expectations around data ethics from society and key stakeholders, and innovative and evolving business models. We're quickly growing the team and need a Legal Director, Privacy & Data Protection in our Zug, Switzerland office. This role will be reporting to the Global VP, Privacy Officer at RBI. It will be responsible for leading RBI's Global Privacy Program in EMEA & APAC, and for driving RBI's handling of legal and compliance issues related to privacy, security, and data protection matters in these regions.

Join us and help build the next generation of digital experiences for some of the world's most-loved brands

**Primary responsibilities - What you'll do**:

- Lead the development and implementation in the regions of RBI's Global Privacy & Data Protection Program
- Design, propose and implement privacy processes, protocols, and controls that are the foundation of a modern and proactive privacy function
- Be the go-to person for all privacy matters and steer external counsel/DPO as needed
- Develop and implement policies, protocols, and controls for the Program
- Oversee the legal and regulatory compliance for privacy, security, and data matters
- Serve as the primary expert and resource on these matters for the teams on the ground. Provide legal advice and day-to-day support to legal colleagues and business stakeholders on privacy, security, and data related matters.
- Document, prioritize, and communicate clear privacy requirements for product initiatives and releases
- Educate and advise the business team on new data, privacy, and ethical uses, and provide strategies to address privacy and data governance considerations
- Evaluate the impact of privacy laws, regulatory guidance, and enforcement actions
- Draft, negotiate, structure, and advise on a variety of complex, multifaceted agreements involving partnerships, technology transactions, and data protection-related legal issues
- Ensure our commercial relationships comply with applicable law and our internal privacy, security, and compliance policies
- Provide strategic legal and business advice to facilitate and develop long-term relationships with clients and partners

**What you'll bring**:
Experience
- D. from an accredited law school + active and in good standing Bar license
- 10+ years of post-Bar admission experience, preferably a combination of law firm and in-house experience (experience advising tech and/or hospitality companies is preferred)
- At least 8+ years of relevant privacy, data protection, and compliance experience
- Sophisticated, in-depth knowledge of global data privacy laws, in the EU and APAC
- Experience implementing privacy management programs
- Broad understanding of changing priorities, trends, legislative and regulatory requirements and/or other internal and external emerging issues and their potential impacts on goals, priorities and activities within a privacy program and across the organization
- Experience with incidents and data breaches
- Experience with regulatory investigations
- Strong background in technology transactions, commercial law, privacy, data protection
- Skilled negotiator with deep transactional expertise
- Experience working closely with clients and successfully managing client relationships
- Demonstrated ability to issue spot and "connect the dots" across business units on data privacy, security, and compliance matters, and escalate accordingly

**Skills**:

- Excellent English language skills that include the ability to draft complex legal briefs.
- Comfortable working with a legal and business mindset simultaneously
- Outstanding analytical and negotiation skills, with strong attention to detail
- Sound business and legal judgement
- Able to make smart decisions and balance risk, often in ambiguous situations and with imperfect information
- Wi