Director of Data Privacy
About the role
Overview
ARB Interactive, Inc. (ARB) is seeking a Director of Data Privacy. The Director of Data Privacy will develop, lead and oversee our data privacy compliance operation and relevant teams and personnel responsible for building out and managing operational processes and programs that require compliance with various countries’ and states’ data privacy laws. The Director of Data Privacy is directly responsible for representing the Data Privacy compliance program during virtual and onsite audits from global regulatory bodies, financial institutions, attorney general offices and other governmental agencies.
The Director of Data Privacy will be responsible for developing, implementing, and maintaining the company’s data protection and privacy program in alignment with applicable laws and regulatory requirements, including but not limited to GDPR, CCPA, and gaming-specific regulations. This role will oversee the collection, processing, storage, and sharing of personal and financial data for players, employees, and partners, ensuring that all data handling practices are transparent, secure, and compliant. The Director of Data Privacy will conduct data protection impact assessments (DPIAs), manage records of processing activities, monitor third-party vendor compliance, and establish policies and procedures that reflect industry best practices in cybersecurity and responsible gaming environments.
In addition, the Director of Data Privacy will serve as the primary point of contact for regulators, supervisory authorities, and internal stakeholders on all matters related to data privacy and protection. The role includes leading incident response efforts related to data breaches, coordinating required notifications, and delivering privacy training and awareness programs across the organization. The Director of Data Privacy will advise leadership on privacy-by-design principles in product development, marketing initiatives, and platform enhancements, helping the company balance innovation with regulatory compliance and user trust.
The ideal candidate will have at least 8 years of experience managing data privacy compliance and laws. In addition to the following specific responsibilities, employee may be required to perform other such duties as assigned by ARB and their supervisor.
Responsibilities
This position will establish the foundation for ARB data privacy protections, policies and procedures. It will work with a fantastic team of executives who endeavor to grow, develop and innovate ARB’s best-in-class product offerings. Reporting to ARB’s General Counsel, this role will focus on ensuring ARB’s compliance with various countries and states data privacy laws, while educating and advising ARB’s management team and front line personnel on data privacy protections as well as the following:
- Lead and manage the company’s data privacy and protection program for a fast-growing online social casino and social plus gaming platform;
- Ensure compliance with GDPR, CCPA/CPRA, and applicable gaming regulatory requirements across all jurisdictions;
- Familiar with California Invasion of Privacy (CIPA) and Illinois Biometric Information Privacy Act (BIPA) compliance risk and related regulatory enforcement trends;
- Oversee lawful collection, processing, storage, and transfer of player and financial data, including KYC, AML, and geolocation information;
- Embed privacy-by-design principles into product development.