Compliance Analyst

**About PayJoy**

PayJoy is a mission-first financial service provider dedicated to helping under-served customers in emerging markets to achieve financial stability and success. We lend through our patented technology that turns a smartphone into digital collateral, and our cutting-edge machine learning, data science, and anti-fraud AI allow us to offer the lowest cost and qualify the most customers in the industry. As of 2024 we have brought billions of dollars in credit to 12 million customers, doubling in the last two years while remaining strongly profitable and sustainable for the long term.

**This role**

The compliance analyst role at PayJoy exists to ensure the company operates within the boundaries of data protection laws and industry regulations, particularly in regions with strict privacy laws like Brazil. This specialist is responsible for implementing robust compliance frameworks, managing data privacy policies, and mitigating risks related to data breaches or regulatory penalties. By ensuring adherence to legal standards, this role directly contributes to protecting PayJoy from potential litigation, safeguarding customer trust, and enabling secure, compliant business operations, which is critical in maintaining the company’s reputation and continuity, especially in markets that rely on sensitive customer data for device locking services and credit.

**Responsibilities**:

- **Ensure Regulatory Compliance** What: Monitor and ensure adherence to all applicable data privacy laws and regulations. How: Regularly review and update company policies to align with local and international privacy laws (e.g., LGPD, GDPR). Why: To avoid legal penalties and ensure the company's operations remain lawful and secure.
- ** Develop and Implement Privacy Policies**:What: Create and maintain comprehensive data privacy and protection policies. How: Collaborate with legal, IT, and business teams to build policies that cover data handling, retention, and security practices. Why: To safeguard customer information and ensure compliance with legal and contractual obligations.
- ** Conduct Privacy Audits and Assessments**:What: Perform regular internal audits and privacy impact assessments (PIAs) to identify vulnerabilities. How: Analyze data workflows, systems, and procedures to ensure compliance and security. Why: To proactively address risks and demonstrate accountability to regulators and stakeholders.
- ** Manage Data Breaches and Incident Response**:What: Lead the investigation and resolution of data breaches or privacy incidents. How: Develop and implement an incident response plan and ensure quick, effective communication and resolution. Why: To minimize reputational damage and legal exposure, and to comply with breach notification requirements.
- ** Provide Training and Education**:What: Educate employees on data privacy laws, company policies, and best practices. How: Deliver training programs, workshops, and materials to raise awareness and maintain a culture of compliance. Why: To ensure all staff understand their responsibilities, reducing the risk of accidental non-compliance.
- ** Monitor and Adapt to Regulatory Changes**:What: Stay updated on new regulations and compliance requirements. How: Continuously track regulatory developments and adjust internal processes accordingly. Why: To prevent non-compliance due to outdated practices and maintain legal conformity.
- ** Support Cross-functional Teams on Compliance Matters**:What: Advise internal teams on data privacy issues related to product development, marketing, and customer operations. How: Provide clear, actionable guidance during the development and implementation of business initiatives. Why: To ensure all company activities involving data use are compliant with regulations and aligned with business goals.

**Requirements**:

- Proven Experience in Data Privacy Compliance: At least 3-5 years of hands-on experience working with data privacy regulations such as GDPR, LGPD, or CCPA in a corporate or legal setting.
- Understanding of Risk Management Principles:Knowledge of risk identification, mitigation, and management strategies in relation to data privacy and regulatory compliance.
- Ability to Develop and Implement Policies: Demonstrated experience in creating, implementing, and maintaining data privacy policies and procedures across an organization.
- Strong Organizational and Project Management Skills: Ability to manage multiple compliance projects simultaneously, ensuring that deadlines are met and standards are consistently upheld.
- Knowledge of Privacy Impact Assessments (PIA) and Audits: Experience conducting privacy audits and impact assessments, with a focus on identifying vulnerabilities and ensuring regulatory adherence.

**Benefits**:

- Company-funded Health and Dental Insurance for employees and immediate family members.
- Life insurance.
- Monthly benefits of meal vouchers and Home Office assistance.
- Annual benefits of Fitness (