Data Protection Officer and IP specialist

Welcome to KTO Group, where innovation drives excitement in iGaming. Founded in 2018 by Andreas Bardun, we're transforming online gaming with a focus on transparency and player satisfaction.

AtKTO.com, we blend the thrill of sports betting with online casino entertainment, tailored to local markets and powered by our proprietary platform for a seamless, personalized experience.

KTO is a rising leader in LATAM, proudly ranked among Brazil's top 10 iGaming brands. Join us as we set new standards in trust, innovation, and the future of iGaming.

The Data Protection Officer (DPO) is responsible for ensuring the organization's compliance with data protection laws and internal data governance frameworks. This includes building and maintaining a robust data protection strategy, managing data risks, and promoting a privacy- centric culture. In addition to traditional DPO duties, the role also extends to supporting intellectual property (IP) protection, including trademark portfolio management and enforcement through cease-and-desist letters.

• Act as the primary point of contact for all matters related to data privacy and protection.
• Monitor compliance with the LGPD, GDPR, and other applicable data protection laws.
• Advise on and implement privacy-by-design and privacy-by-default principles.
• Develop, review, and maintain internal data protection and privacy policies and procedures.
• Review and draft DPA.
• Oversee the enterprise Data Protection Risk Management System.
• Conduct and document Data Protection Impact Assessments (DPIAs) for new projects, tools, or services.
• Maintain and update the data protection risk register and coordinate mitigations.
• Collaborate with IT and security teams on incident response planning and breach notification processes.
• Lead data mapping efforts across the organization to ensure up-to-date records of processing activities.
• Identify and classify personal data across business units and third-party vendors.
• Maintain and ensure the accuracy of the organization's RoPA documentation.
• Develop and operate workflows to efficiently respond to data subject access requests, deletion requests, and other rights.
• Ensure timely, lawful, and accurate responses to DSRs in accordance with regulatory timelines.
• Draft, implement, and update privacy and security policies including:
• Data Retention Policies
• Information Security Policies
• Vendor Privacy Standards
• Design and deliver employee awareness programs and mandatory data protection training sessions.
• Manage the organization's trademark and copyright portfolio including registration, renewals, and monitoring.
• Monitor for potential infringements or unauthorized use of IP and coordinate enforcement.
• Draft, send, and follow up on cease-and-desist letters related to IP violations.
• Coordinate IP strategy
• Coordinate with outside counsel for IP litigation and formal disputes when required.
• Work cross-functionally with Legal, IT, Marketing, HR, and Product teams to align data protection practices.
• Liaise with regulators, including Data Protection Authorities (DPAs), on audits, complaints, or breaches.
• Support contract reviews from a privacy and IP compliance standpoint (e.g., DPAs, SCCs, IP clauses).

• Bachelor's degree in Law,
• Certification such as CIPP/E, CIPM, or equivalent preferred.
• Minimum 3-5 years experience in data protection, privacy law and Intellectul Property.
• Experience with LGPD,GDPR, and international data protection standards.
• Familiarity with IP law, trademark processes, and enforcement mechanisms.

• Strong understanding of data privacy laws and regulatory frameworks.
• Excellent communication and stakeholder engagement skills.
• Detail-oriented with strong documentation and analytical abilities.
• Familiarity with legal writing, especially in cease-and-desist and regulatory contexts.
• Proficiency with privacy tech tools, data mapping platforms, and risk registers.

At KTO, diversity isn't just a buzzword – it's our strength. We're all about creating an inclusive environment where everyone feels valued and empowered. Together, we're not just working on projects – we're making a real impact in our communities. Join us in celebrating diversity and driving meaningful change

KTO is licensed for Brazilian sports betting and online gaming under Portaria 2.093/2024, ensuring a secure and regulated environment for our operations.

Participation is prohibited for:

Individuals under 18 (eighteen) years of age;

Public agents with duties directly related to the regulation, control, and supervision of the activity within the federative entity in whose personnel framework they perform their duties;

- Persons who have or may have any influence on the outcome of a real event with a sports theme subject to fixed-odds lottery betting, including:

- Persons holding positions as sports directors, sports coaches, trainers, and members of the technical staff;

- Referees of sports, referee assistants, or equivalents, sports entrepreneurs, agents or representatives of athletes and coaches, coaches or members of the technical staff;

- Members of the administrative or supervisory body of entities responsible for organizing competitions or sporting events;

- Athletes participating in competitions organized by entities within the National Sports System;

Individuals diagnosed with gambling addiction, according to a diagnosis from a qualified mental health professional.