Data Protection Officer – The National Arts Council of Botswana

The National Arts Council of Botswana (NACB), established under the National Arts Council of Botswana Act, No. 10 of 2020, is seeking a qualified Data Protection Officer. The NACB’s mandate is to develop, promote, and protect the creative and cultural sector of Botswana through policy, legislation, industry facilitation, and various partnerships, programmes, grants, and initiatives. The Council aims to transform the local creative and cultural sector by nurturing excellence and preserving the nation’s rich cultural traditions, with the goal of building an inclusive, sustainable, and prosperous sector.

Reporting Structure:

This position reports to the Legal Counsel & Board Secretary.

Job Purpose:

The Data Protection Officer will ensure the Council’s compliance with all applicable data protection laws, including the Data Protection Act and other relevant regulations. This role involves overseeing data protection processes, ensuring the lawful processing of personal data, and serving as the primary point of contact for regulatory authorities and data subjects.

Key Responsibilities:

• Ensure the Council’s adherence to all applicable data protection laws and regulations.
• Monitor data processing activities to verify compliance with legal obligations.
• Develop and maintain comprehensive data protection policies, procedures, and standards.
• Provide expert guidance to the Council on data protection matters, including privacy impact assessments (PIAs) and legal requirements.
• Conduct regular training sessions to enhance staff awareness of data protection and privacy practices.
• Advise departments on data privacy considerations related to new projects, systems, or technologies.
• Minimize data breaches and ensure efficient and effective response and resolution.
• Facilitate timely and accurate responses to data subject access requests (DSARs).
• Maintain currency of data protection policies through regular review and updates to reflect legal changes.

Essential Qualifications and Experience:

• Bachelor of Laws (LLB), Information Security, Data Management, or a related field.
• Relevant certifications are highly desirable.
• Certified Information Privacy Professional (CIPP/E or equivalent).
• Certified Information Privacy Manager (CIPM).
• A minimum of four (4) years of post-qualification experience.
• Demonstrated experience in data protection, privacy law, or compliance.
• Comprehensive understanding of the Data Protection Act and Regulations, and other relevant data protection regulations.
• Strong knowledge of data protection principles and best practices.

Application Process:

Interested candidates should submit a detailed Curriculum Vitae (CV), cover letter, and relevant certificates via email to [email protected]. The application deadline is March 21, 2025. Only shortlisted candidates will be contacted. For inquiries, please contact 3634400.