Data Privacy Manager

Data Privacy Manager

• Application Deadline: 27 October 2025
• Department: Technology-CDSIO
• Employment Type: Permanent - Full Time
• Location: Hong Kong (SAR)

Description

About Mox

Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.

Why Mox

Everything at Mox – from our products, features, to rewards – is designed based on customer research, tailor made for your needs. We care about what customers care about, especially in data security and privacy. Data ethics is core to everyone here at Mox. Mox rewards you with an array of banking and lifestyle benefits. Who says banking can’t be fun?

Responsibilities

• Develop and Implement Privacy Program: Design, develop, and implement a comprehensive privacy program that aligns with Mox’s risk management framework and complies with relevant data protection regulations, such as PDPO, PIPL, GDPR
• Conduct Privacy Impact Assessments (PIAs): Conduct PIAs to identify and mitigate potential privacy risks associated with new and existing products, services, and processes.
• Data Inventory: Maintain an up-to-date inventory of personal data 
• Privacy Policies and Procedures: Develop, review, and update privacy policies and procedures to ensure they are current, effective, and compliant with regulatory requirements and accommodate business needs.
• Data Subject request: provide response to the data access and correction request 
• Training and Awareness: Provide training and awareness programs for employees on privacy best practices, data protection regulations, and the organization's privacy policies and procedures.
• Incident Management: Develop and implement procedures for responding to data breaches and other privacy incidents, including notification to relevant authorities and affected individuals.
• Vendor management: Assist third-party vendor risk management program to ensure compliance with data protection regulations and organizational privacy policies, through vendor risk assessments, due diligence, contract review, and ongoing monitoring.
• Regulatory Compliance: Monitor and ensure compliance with relevant data protection regulations, including responding to regulatory inquiries and audits.
• Stakeholder Collaboration: Collaborate with various stakeholders, including IT, Risk, Compliance, Legal and Business teams to ensure privacy is integrated into business processes and operations.
• Continuous Monitoring and Improvement: Continuously monitor the privacy program's effectiveness and identify areas for improvement, implementing changes as necessary.

Requirements

• 5+ years of experience in a privacy or data protection role, preferably in a fintech or banking environment.
• Strong knowledge of data protection regulations, such as PDPO, GDPR, PIPL.
• Experience in developing and drafting privacy & data related governance documents
• Experience in developing and implementing a privacy program, conducting PIA, handling data incident, managing data subject access and correction request.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work collaboratively with various stakeholders across the organization
• Provide advisory and consultation to assist stakeholders to navigate the regulatory compliance during daily operation, product design, third party vendor onboarding, customer enquiries, etc. 
• Act as Subject Matter Expert for the first line of defense
• Strong attention to detail and organizational skills.
• Professional education & certification in data protection or privacy, such as law, CISA, CISSP, CIPP, CIPM, CIPT.
• Experience with data inventory.
• Experience & knowledge on fintech and banking operations.