121 Privacy Law jobs in Indonesia

• Develop, implement, and maintain the company's global data privacy policies, procedures, and guidelines.
• Conduct Data Protection Impact Assessments (DPIAs) and advise on privacy implications of new projects and technologies.
• Manage data subject access requests and ensure timely and compliant responses.
• Oversee the company's data processing activities and maintain records of processing activities (RoPA).
• Advise on data transfer mechanisms and cross-border data flow regulations.
• Investigate and manage data breach incidents, coordinating response efforts and regulatory notifications.
• Provide training and awareness programs to employees on data privacy best practices.
• Collaborate with legal, IT, security, and business teams to integrate privacy-by-design principles.
• Stay updated on emerging privacy laws, regulations, and enforcement trends globally.
• Represent the company in interactions with data protection authorities.

• Law degree and admission to the Indonesian Bar or equivalent qualification.
• Minimum of 8 years of legal experience, with a significant focus on data privacy and data protection law.
• In-depth knowledge of major privacy frameworks such as GDPR, CCPA, and PDPA.
• Experience in developing and implementing privacy programs within a global organization.
• CIPP/E or CIPP/US certification is highly desirable.
• Strong analytical, problem-solving, and risk assessment skills.
• Excellent written, verbal, and interpersonal communication skills.
• Ability to work independently, manage competing priorities, and lead projects in a remote, global environment.
• Demonstrated ability to advise senior management on complex privacy matters.
• This role is fully remote, but ideally candidates will have some familiarity with or connection to the region of Balikpapan, East Kalimantan, ID .

• Provide expert legal counsel on all matters related to data privacy and data protection laws globally.
• Develop, implement, and maintain comprehensive data privacy policies, procedures, and guidelines.
• Conduct Data Protection Impact Assessments (DPIAs) and Privacy Risk Assessments for new projects and initiatives.
• Advise on data processing agreements (DPAs) and vendor contracts to ensure compliance with privacy requirements.
• Manage and respond to data subject access requests (DSARs) and other privacy-related inquiries.
• Develop and deliver data privacy training programs to employees across all levels of the organization.
• Stay abreast of evolving data privacy laws, regulations, and enforcement actions worldwide.
• Advise on data breach incident response plans and manage investigations and notifications as required.
• Collaborate with IT and security teams to ensure technical measures align with privacy requirements.
• Review marketing materials and product designs for privacy compliance.
• Represent the company in interactions with data protection authorities.
• Conduct internal audits and assessments to monitor compliance with privacy policies and regulations.
• Manage and oversee external counsel, where necessary.
• Contribute to the development of privacy-by-design principles within the organization.
• Promote a culture of privacy awareness and accountability throughout the company.

• Law degree (LL.B. or equivalent) from a reputable university.
• Admission to the Indonesian Bar (PERADI) or a recognized international equivalent.
• Minimum of 7 years of experience practicing law, with a significant focus on data privacy and protection.
• In-depth knowledge of global data privacy regulations (GDPR, CCPA, LGPD, etc.) and Indonesian PDP Law.
• Experience in drafting and negotiating data processing agreements and privacy policies.
• Strong understanding of cybersecurity principles and data security measures.
• Excellent analytical, research, and problem-solving skills.
• Exceptional written and verbal communication skills.
• Ability to work independently and manage a high workload in a fast-paced legal environment.
• Demonstrated ability to provide pragmatic and business-oriented legal advice.
• CIPP or relevant privacy certification is a strong plus.

• Develop, implement, and maintain the company's global data privacy compliance program.
• Provide expert legal advice on data privacy matters, including data collection, processing, storage, transfer, and deletion.
• Conduct Data Protection Impact Assessments (DPIAs) and Privacy Impact Assessments (PIAs) for new projects and initiatives.
• Draft and review privacy policies, notices, consent forms, and data processing agreements.
• Advise on cross-border data transfer mechanisms and ensure compliance with international data transfer regulations.
• Serve as the primary point of contact for data protection authorities and manage regulatory inquiries.
• Develop and deliver data privacy training programs to employees across the organization.
• Stay current with evolving data privacy laws and regulations and advise on their impact on the business.
• Manage data breach incidents, including investigation, notification, and remediation efforts.
• Collaborate with IT, security, marketing, and product development teams to embed privacy-by-design principles.
• Conduct internal audits and assessments to ensure ongoing compliance.

• Juris Doctor (JD) or equivalent law degree from an accredited institution.
• Admission to practice law in Indonesia or a relevant jurisdiction.
• Minimum of 7 years of experience practicing law, with at least 5 years specializing in data privacy and data protection.
• In-depth knowledge of major data privacy regulations such as GDPR, CCPA, LGPD, and Indonesia's PDP Law.
• Experience advising multinational corporations on privacy compliance.
• Strong analytical and problem-solving skills, with meticulous attention to detail.
• Excellent written and verbal communication skills, with the ability to explain complex legal concepts clearly.
• CIPP (Certified Information Privacy Professional) or similar certification is highly desirable.
• Ability to work effectively in a hybrid work model, balancing remote and in-office responsibilities.
• Proven ability to manage multiple projects simultaneously and meet tight deadlines.

• Advise on all aspects of data privacy law and compliance, including international regulations.
• Develop, implement, and maintain comprehensive data privacy policies, procedures, and guidelines.
• Conduct Data Protection Impact Assessments (DPIAs) and Privacy Risk Assessments.
• Manage and respond to data subject rights requests (e.g., access, deletion, portability).
• Develop and deliver data privacy training programs for employees across the organization.
• Oversee and manage data breach incidents, including investigation, notification, and remediation.
• Review and advise on data processing agreements (DPAs) and third-party vendor contracts.
• Collaborate with IT and Information Security teams to ensure privacy-by-design and privacy-by-default principles are embedded in systems and processes.
• Stay current with evolving data privacy laws, regulatory guidance, and enforcement actions.
• Represent the company in interactions with data protection authorities as needed.
• Assist with audits and assessments related to data privacy compliance.
• Provide legal guidance on data anonymization, pseudonymization, and data minimization techniques.

• Juris Doctor (J.D.) degree from an accredited law school.
• Admission to at least one state bar.
• Minimum of 7 years of experience in data privacy law, compliance, or a related field.
• In-depth knowledge of global data privacy regulations such as GDPR, CCPA, and Indonesian data protection laws.
• Experience in drafting privacy policies, DPAs, and other privacy-related documentation.
• Familiarity with cybersecurity principles and technologies.
• Strong analytical, problem-solving, and risk assessment skills.
• Excellent written and verbal communication and interpersonal skills.
• Ability to manage multiple projects, prioritize effectively, and work under pressure.
• Experience working in a hybrid work environment is preferred.
• Certification such as CIPP (Certified Information Privacy Professional) is a significant advantage.

• Provide expert legal counsel on global data privacy laws and regulations, including GDPR, CCPA, LGPD, and Indonesian data protection laws.
• Develop, implement, and maintain comprehensive data privacy policies, procedures, and guidelines across the organization.
• Conduct Data Protection Impact Assessments (DPIAs) and Privacy Impact Assessments (PIAs) for new projects and initiatives.
• Oversee the company's data breach response plan and manage incident investigations and notifications.
• Advise business units on privacy considerations related to product development, marketing, and data processing activities.
• Develop and deliver data privacy training programs for employees at all levels.
• Manage relationships with data protection authorities and respond to regulatory inquiries.
• Review and negotiate data processing agreements (DPAs) and other privacy-related contracts.
• Stay current with evolving data privacy laws, enforcement trends, and technological advancements.
• Collaborate with IT, Security, and Compliance teams to ensure alignment on privacy and security measures.
• Conduct internal audits and assessments to ensure ongoing compliance.
• Represent the company in external forums and discussions related to data privacy.
• Manage and mentor junior legal professionals or privacy specialists.
• Contribute to the development of the company's overall legal and compliance strategy.

• Juris Doctor (JD) or equivalent law degree from an accredited institution.
• Admission to practice law in at least one relevant jurisdiction.
• Minimum of 10 years of experience in data privacy law, with a significant portion spent advising technology companies or handling complex international data privacy matters.
• In-depth knowledge of GDPR, CCPA, and other major data privacy regulations.
• Experience in developing and implementing privacy programs and policies.
• Proven ability to conduct and manage privacy impact assessments and data breach responses.
• Strong understanding of information security principles and practices.
• Excellent analytical, research, and writing skills.
• Exceptional communication and interpersonal skills, with the ability to explain complex legal concepts to non-legal audiences.
• CIPP/E, CIPP/US, CIPP/Asia, or similar privacy certifications are highly desirable.
• Experience working in a fast-paced, global environment.
• Demonstrated ability to work independently and manage multiple priorities effectively.

• Develop and implement global data privacy strategy and compliance programs.
• Advise on data protection laws and regulations across various jurisdictions.
• Conduct Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
• Manage data breach incident response and remediation efforts.
• Draft and review privacy policies, terms of service, and data processing agreements.
• Collaborate with engineering, product, and security teams to ensure privacy-by-design.
• Provide training and guidance to employees on data privacy best practices.
• Stay current with evolving data privacy laws and regulatory guidance.
• Represent the company in interactions with regulatory authorities.
• Lead and mentor junior legal and privacy professionals.

• Juris Doctor (JD) degree from an accredited law school.
• Admission to at least one state bar.
• Minimum of 8 years of experience in data privacy law, preferably with experience in technology companies.
• In-depth knowledge of global data privacy regulations (GDPR, CCPA, etc.).
• Experience conducting privacy assessments and managing data breaches.
• Excellent drafting, negotiation, and analytical skills.
• Proven ability to lead and manage complex legal projects.
• Strong communication and interpersonal skills for effective stakeholder management.
• Ability to work independently and manage workload effectively in a remote setting.
• CIPP certification is a plus.

• Law degree from a recognized institution.
• Admission to the Indonesian Bar.
• Minimum 10 years of legal experience, with a significant focus on data privacy and protection law (e.g., GDPR, CCPA, UU PDP).
• Proven experience in developing and implementing privacy programs.
• Strong knowledge of IT and cybersecurity principles.
• Excellent analytical, problem-solving, and negotiation skills.
• Fluency in both English and Bahasa Indonesia.
• Demonstrated ability to lead projects and influence stakeholders.
• Experience with remote collaboration tools and methodologies.

• Develop and implement a comprehensive global data privacy compliance program.
• Advise on all legal aspects of data privacy, data security, and data governance.
• Draft, review, and negotiate data processing agreements and other privacy-related contracts.
• Conduct Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
• Develop and maintain privacy policies, notices, and procedures.
• Manage data breach incident response, including investigations and notifications.
• Provide training and guidance to employees on data privacy obligations and best practices.
• Monitor changes in data privacy laws and regulations worldwide and advise on compliance strategies.
• Collaborate with IT, Security, and Product teams to ensure privacy-by-design.
• Represent the company in interactions with data protection authorities, as needed.
• Assess and mitigate data privacy risks across the organization.

• Juris Doctor (JD) or equivalent law degree from a reputable institution.
• Admission to a relevant Bar and a valid legal practicing license.
• Minimum of 8 years of experience in data privacy law, compliance, or related fields, preferably with significant in-house experience.
• In-depth knowledge of global data privacy regulations such as GDPR, CCPA, LGPD, etc.
• Proven experience in developing and implementing data privacy programs.
• Strong understanding of data security principles and incident response.
• Excellent analytical, problem-solving, and risk management skills.
• Exceptional written and verbal communication and interpersonal skills.
• Ability to work independently and lead complex legal initiatives.
• CIPP (Certified Information Privacy Professional) or similar certification is highly desirable.
• Experience advising on privacy issues related to technology, marketing, and HR is a plus.

About Agoda
Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more. Based in Asia and part of Booking Holdings, our 7,100+ employees representing 95+ nationalities in 27 markets foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world.

Our Purpose -
Bridging the World Through Travel
We believe travel allows people to enjoy, learn and experience more of the amazing world we live in. It brings individuals and cultures closer together, fostering empathy, understanding and happiness.

We are a skillful, driven and diverse team from across the globe, united by a passion to make an impact. Harnessing our innovative technologies and strong partnerships, we aim to make travel easy and rewarding for everyone.

Get to Know our Team:
In the age of technology, things are constantly changing. The travel market is much the same, being more dynamic and complex than ever. Agoda's Legal team is well suited to take on the challenges presented, adopting a proactive mindset to tackle challenges and solve problems. We are quick on our feet, decisive, and collaborate with multiple departments. We hire out-of-the-box thinkers that are well grounded with ethics and legal knowledge to ensure that Agoda achieves the right results, the right way.

Get to Know our Team:
In the age of technology, things are constantly changing. The travel market is much the same, being more dynamic and complex than ever. Agoda's Legal team is well suited to take on the challenges presented, adopting a proactive mindset to tackle challenges and solve problems. We are quick on our feet, decisive, and collaborate with multiple departments. We hire out-of-the-box thinkers that are well grounded with ethics and legal knowledge to ensure that Agoda achieves the right results, the right way.

The Opportunity:
As Senior Counsel, Privacy (Fintech area) – you will be part of a leading and innovative team responsible for the legal risk areas of data privacy, cybersecurity and artificial intelligence. This is a newly created role dedicated to supporting fintech products and payments. You will act as the single point of contact to fintech stakeholders in Tech and Product on the legal aspects of privacy, cybersecurity and artificial intelligence, and maintain close cross-functional collaboration with sister brands within the Booking Holdings group. This is a unique opportunity to shape key fintech initiatives from the ground up, with high visibility across Agoda and other Booking Holdings brands.

• This position is Bangkok-based and we are open to both local and international candidates, with relocation support available for eligible candidates to ensure a smooth transition to working and living in Bangkok. Please note that remote work or working from locations outside of Bangkok is not available for this role.

In this Role, you'll get to provide:

• Product Counseling: End-to-end legal advisory support on privacy, AI and data protection matters as they relate to Agoda's fintech products, interests and payment initiatives in Asia, United Kingdom and the United States.
• Regulatory Compliance: Monitor, interpret and implement global privacy and payment regulations and guidance as they may apply to fintech and payment operations (e.g. EU GDPR, UK GDPR and Data (Use and Access Act), CCPA, PDPA, PIPA, APPI, GLBA, PSD2).
• Privacy by Design: Collaborate cross-functionally with Product, Tech, Security, Finance, and Fintech commercial teams, as well as with other functions and brands in the Booking Holdings group, to embed privacy-by-design and compliance principles throughout product and data lifecycles. Lead and support privacy impact assessments, and data mapping exercises.
• Vendor and Partner Management: Assess third-party privacy and AI risks. Negotiate and review privacy, data protection and AI terms in contracts with payment service providers, tech service providers, and fintech partners.
• Regulatory Engagement: Support regulatory applications, filings, audits and responses to data protection authorities or financial regulatory authorities in relevant jurisdictions.
• Stakeholder Engagement: Serve as privacy subject matter expert for Fintech, advising on data subject rights, marketing and e-privacy compliance, and regulatory change implementation.
• Policy and Documentation: Draft and maintain privacy notices, policies, internal documentation, contribute to knowledge management, template development, and continuous improvement of privacy processes.

What you'll Need to Succeed:

• Law degree from a top law school, and excellent academic credentials.
• Minimum 6+ years of post-qualification experience, with at least 2 years at a reputable law firm.
• Demonstrated experience advising on privacy in the fintech, payments or financial services sector.
• Good knowledge of global privacy laws and payment regulations (GDPR, CCPA, PDPA, PIPA, APPI, PSD2).
• Excellent drafting, negotiation, communication and stakeholder management skills; able to work independently and collaboratively in a fast-paced, matrixed environment.
• Self-starter with a sense of humor, adaptability, and enthusiasm for building new products and processes.

It's Great if you have:

• Legally qualified in either England, Singapore or another common law jurisdiction.
• A data privacy qualification, CIPP or equivalent or at least willing to obtain one shortly after joining the company
• Practical, solution-oriented approach to legal advice.
• Experience working in a tech company or with technology-driven products.

Discover More About Working At Agoda

• Agoda Careers
• Facebook
• LinkedIn
• YouTube

Equal Opportunity Employer
At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person's merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy.

Disclaimer
We do not accept any terms or conditions, nor do we recognize any agency's representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.