Data Protection Officer | f/m/d

About Us

ERGO Technology & Services S.A. (ET&S S.A.) was established in January 2021 following the integration of ERGO Digital IT and Atena into one entity, leveraging both companies’ strengths and best practices. As a part of ERGO Technology & Services Management AG, the technology holding of ERGO Group AG, we support millions of internal and external customers with state-of-the-art IT solutions to everyday problems.

In October 2022, ET&S S.A. expanded its scope of operations by creating a Business Services unit to contribute in a new way to the growth of ERGO’s business. Acting as a co-partner and internal consultant, it adds non-IT value and supports the development of the entire ERGO Group, currently offering skills in reporting, analysis, actuarial, and input management. We are committed to fostering innovation and meeting the evolving needs of our clients worldwide.

Discover how we implement AI, IoT, Voice Recognition, Big Data science, advanced mobile solutions, and business-related services to anticipate and address our customers’ future needs.

About the role

In this role, you will be responsible for ensuring compliance of the Company’s personal data processing procedures with applicable law, in particular with the General Data Protection Regulation (GDPR), Data Protection Act, and other data protection regulations and guidelines. To ensure full compliance with Article 38 of the GDPR and current PUODO guidance, this position is designed as a fully independent role, free from any operational responsibilities that could create a conflict of interests. You will be reporting directly to the Management Board, maintaining the autonomy required to oversee compliance and manage data protection risks across a multi-client ICT service and outsourcing environment in the financial services sector.

How you will get the job done

• informing the Management Board and employees involved in personal data processing of their obligations under the GDPR and the Data Protection Act and advising them accordingly, specifically focusing on the dual responsibilities inherent in outsourcing and ICT services

• monitoring compliance with the GDPR, the Data Protection Act, and other regulations in the area of personal data protection

• conducting activities to raise awareness of personal data processing, training employees involved in personal data processing operations, and conducting controls

• providing recommendations on data protection impact assessments and transfer impact assessments and monitoring their implementation in accordance with Article 35 of the GDPR, while maintaining an advisory function

• overseeing privacy‑by‑design and privacy‑by‑default principles are embedded in ICT systems, applications, and service delivery processes

• cooperating with the supervisory authority

• acting as the primary contact point for the supervisory authority and data subjects on issues related to processing, and, where appropriate, consulting on any other matters related to the processing of personal data

• actively participating in the process of handling security incidents related to the personal data, in cooperation with other organizational units

• identifying risks related to the area of personal data protection

• reporting to the Management Board/Group DPO on the status and maturity of personal data-related processes and cases of personal data breaches

• cooperating with Legal Division and Data Protection Department while performing duties

• providing explanations on all matters related to the correct application of personal data protection regulations

• ensuring that the DPO’s advisory role is in line with PUODO guidelines and does not overlap with operational decision‑making that could compromise independence

  
  

Skills and experience you will need

• fluency in Polish and English

• higher education or postgraduate studies in the following fields: National/Information Security, Cybersecurity, Law, Data Protection

• 5+ years of experience as a Data Protection Officer, preferably with experience in the financial‑services sector (e.g., banking, insurance, payments) or in regulated environments, ideally combined with ICT or outsourcing experience in a processor-side environment (GBS, BPO or ICT service delivery)

• deep understanding of the Polish legal landscape, including PUODO’s administrative practice and EDPB guidelines on the DPO’s role

• ability to work independently, exercise sound judgment, and maintain the independence required of the DPO role

• collaborative approach to work with all levels of the organization and mobility

Nice to have

• experience supporting organisations subject to DORA or other financial‑sector regulatory frameworks

• relevant certification (e.g., CIPP/E or CIPM)

Perks & Benefits

Let's be healthy

Medical package, sports card, and numerous sports sections – these are some of the benefits that help our employees stay in good shape.

Let's be balanced

Work-life balance is a key aspect of a healthy workplace. We offer our employees flexible working hours, a confidential employee assistant program, as well as the possibility of remote working. However, staying at home with our in-office gaming room and dog-friendly office in Warsaw won’t be easy.

Let's be smart

We organize numerous workshops and training courses. Thanks to hackathons and meetups, our specialists share their expertise with others. Additionally, we have a wide range of digital learning platforms and language courses.

Let's be responsible

Each year, we participate in several CSR activities, during which, together with our colleagues, we do our best to create a better future.

Let's be fun

Company-wide bike races and soccer matches, film marathons in our cinema room or other engaging team-building activities – we got it covered!

Let's be diverse

Every team member is valued, regardless of gender, nationality, religious beliefs, disability, age, and sexual orientation or identity. Your qualifications, experience, and mindset are our greatest benefit!