Data Privacy Specialist

About Tekion:

Positively disrupting an industry that has not seen any innovation in over 50 years, Tekion has challenged the paradigm with the first and fastest cloud-native automotive platform that includes the revolutionary Automotive Retail Cloud (ARC) for retailers, Automotive Enterprise Cloud (AEC) for manufacturers and other large automotive enterprises and Automotive Partner Cloud (APC) for technology and industry partners. Tekion connects the entire spectrum of the automotive retail ecosystem through one seamless platform. The transformative platform uses cutting-edge technology, big data, machine learning, and AI to seamlessly bring together OEMs, retailers/dealers and consumers. With its highly configurable integration and greater customer engagement capabilities, Tekion is enabling the best automotive retail experiences ever. Tekion employs close to 3,000 people across North America, Asia and Europe.

Data Privacy Specialist:  

We are looking for an independent and driven Data Privacy Specialist (3–4 years’ experience) to join our Legal team. You will lead privacy compliance efforts, contribute to the design and ongoing management of our Privacy Information Management System (PIMS), oversee vendor compliance, and actively participate in privacy initiatives encompassing both conventional data processing and AI-powered technologies.  

  Your Key Responsibilities:

• Implement and maintain the Privacy Information Management System (PIMS) framework across all business entities.  

• Perform Privacy Impact Assessments (PIA), Data Protection Impact Assessments (DPIA), AI-specific IAs, and data mapping for IT systems, business processes, AI/ML models, and new initiatives.  

• Collaborate with Engineering, AI/ML, IT, HR, Marketing, Compliance, and Security teams throughout the data and software development lifecycle, advising on data flows, privacy controls, ethical AI principles, and design choices to embed Privacy by Design (PbD) and Ethical AI.  

• Lead ongoing compliance monitoring, internal audits, and periodic assessments to measure effectiveness and identify improvement opportunities.  

• Conduct Ethical AI assessments covering bias mitigation, transparency, fairness, and accountability in AI systems.  

• Drive vendor due diligence assessments, focusing on third-party data handling, AI model use, and compliance with data protection requirements.   

• Ensure comprehensive, up-to-date record-keeping for all privacy and data protection activities to support audits and regulatory requests.  

• Conduct broader privacy risk assessments, including those for operational processes, third parties, cookies, and marketing campaigns as appropriate.  

• Support Subject Access Requests, Privacy Incident response, and breach notification processes, including those involving AI systems.  

• Deliver Privacy and Ethical AI training and awareness programs; regularly assess training effectiveness and adapt content as needed.  

• Liaise with counterparts on global data protection, industry-specific regulations, and AI governance requirements (CCPA/CPRA, GDPR, UK DPA, PIPEDA, EU AI Act, etc.), internal audits, and privacy risk assessments.  

• Contribute to policy development and updates, privacy documentation, and ongoing compliance improvement plans, including AI governance policies.  

• Assist in ISO 27701/27001 implementation efforts.  

  What We’re Looking For:

• 3–4 years’ professional experience focused on data privacy, with demonstrable experience in PIA/DPIA execution, privacy control implementation, vendor due diligence, and contract review.  

• Experience in conducting AI-specific privacy assessments and applying ethical AI frameworks.  

• Proven ability to work closely with cross-functional teams (Engineering, AI/ML, IT, HR, Marketing, Security, Compliance) to integrate privacy and ethical AI requirements across the data lifecycle.  

• Solid working knowledge of major global privacy laws (CCPA, CPRA, GDPR, UK DPA, PIPEDA), industry-specific privacy regulations, and AI governance frameworks (such as the EU AI Act), as well as supporting frameworks (ISO 27701/27001).  

• Experience with privacy/GRC tools, AI governance, data discovery/classification, and consent management platforms; familiarity with collaboration and incident management tools (e.g., JIRA).  

• Comfortable working independently, owning privacy tasks with minimal supervision.  

• Experience supporting privacy audits, risk assessments, and developing or delivering privacy/AI ethics training, with the ability to measure and adapt training effectiveness.  

• Strong documentation, analytical, communication, stakeholder engagement, and project management skills.  

• Discretion and integrity in handling confidential and sensitive information.  

• Bachelor’s degree or equivalent work experience required.  

• Preferred: IAPP certification (CIPP, CIPT, CIPM), and hands-on experience with privacy/GRC and AI governance tools.