Data Protection Officer

Overview: SOFTSWISS is looking for an experienced Data Protection Officer (DPO) to oversee and ensure compliance with data protection laws, including the General Data Protection Regulation (GDPR). The DPO will play a key role in maintaining the company’s privacy governance framework, supporting our teams in implementing privacy-by-design principles, and serving as the main point of contact for data protection authorities and individuals. About Product: Payment Gateway (FinteqHub): The Payment Gateway is part of our growing fintech software and payment management system. The team works on providing clients with a payment platform designed to help online businesses manage and process monetary transactions worldwide. Key responsibilities: • Ensure the company’s processing of personal data complies with applicable data protection laws, including GDPR. • Develop, implement, and maintain data protection policies, procedures, and frameworks aligned with regulatory requirements, including maintaining a comprehensive Record of Processing Activities (ROPA). • Inform and advise the company and its employees of their obligations under data protection law. • Provide expert guidance during product design and implementation to ensure privacy-by-design and privacy-by-default principles. • Monitor compliance with data protection legislation, conduct audits, raise awareness. • Review existing draft contracts for data protection implications and ensure appropriate privacy and security clauses are included. Develop Data Processing Agreement draft. • Identify and assess privacy risks related to processing, storage, and data transfers. • Advise on and monitor Data Protection Impact Assessments (DPIAs) and Transfer Impact Assessments (TIAs). • Establish and manage procedures for detecting, reporting, and investigating data breaches, including breach notifications to supervisory authorities and affected individuals when required. • Maintain a data breach register and oversee post-incident reviews. • Proactively recommend improvements to ensure ongoing compliance and risk reduction, including measures related to security, data storage, and data retention. • Act as a contact point for data subjects exercising their rights (access, rectification, erasure, portability, restriction, objection). • Serve as the company’s main contact point with the State Data Protection Inspectorate (VDAI). • Provide regular reports and briefings to senior management on privacy risks, incidents, and compliance status. • Undertake additional compliance-related duties as assigned by management, in alignment with data protection principles and legal requirements. Required Experience: • Education: Minimum Bachelor’s degree in Law. • Experience: Proven track record as a Data Protection Officer or Privacy Law Compliance Officer, ideally in a technology or fintech company. • Knowledge: Deep and practical understanding of GDPR, Lithuanian data protection laws, and privacy compliance frameworks. • Languages: Fluency in Lithuanian and English (written and spoken) is mandatory. • Residence: The candidate must reside in Lithuania. • Excellent communication and analytical skills. • Strong attention to detail and ability to balance regulatory compliance with business needs. The DPO will work closely with: • Product/Data Privacy Responsible – ensuring GDPR is implemented across product development, architecture, and data flows. • CISO/Security Team – supporting technical controls such as encryption, access management, incident response, and retention enforcement. Our Benefits: • Full-time remote work opportunities and flexible working hours • Private insurance • Additional 1 Day Off per calendar year • Sports program compensation • Comprehensive Mental Health Programme • Free online English lessons with a native speaker • Generous referral program • Training, internal workshops, and participation in international professional conferences and corporate events. Apply tot his job Apply To this Job