Group Data Protection Officer/Senior Legal Counsel


Group Data Protection Officer/Senior Legal Counsel

Group Data Protection Officer/Senior Legal Counsel


Basel, BS, CH



About Idorsia Pharmaceuticals Ltd

Idorsia Ltd is reaching out for more - We have more ideas, we see more opportunities and we want to help more patients.

In order to achieve this, we want to develop Idorsia into one of Europe's leading biopharmaceutical companies, with a strong scientific core.

Headquartered in Switzerland - a European biotech hub - Idorsia is specialized in the discovery and development of small molecules, to transform the horizon of therapeutic options. Idorsia has a broad portfolio of innovative drugs in the pipeline, an experienced team, a fully-functional research center, and a strong balance sheet - the ideal constellation to bringing R&D efforts to business success.

Idorsia was listed on the SIX Swiss Exchange (ticker symbol: IDIA) in June 2017 and has over 1,100 highly qualified specialists dedicated to realizing our ambitious targets.


Job Responsibilities



  • Implement and manage the data protection management system of Idorsia and build, supervise and coordinate the activities of the Idorsia group companies in the area of data protection

  • Identify the need for action as well as elaboration and advancement, development, implementation and maintenance of data privacy/protection strategies, standards, directives, policies, procedures and standard contract provisions

  • Support the business partners in providing day to day advise and support in aspects of data protection in the EMEA region and globally

  • If time allows general legal support to functions and departments


  • Drive and be responsible for the management of all internal data processing activities and compliance with applicable laws as well as Idorsia policies 

  • Develop, maintain and strengthen the data protection management system, including certification, if applicable

  • Maintain a record of processing activities as referred to in article 30 GDPR 

  • Prepare, maintain and ensure the regular review processes for global data protection rules, standards, directives, policies, procedures and standard contract provisions

  • Prepare and maintain relevant reporting and audits (internal or external)

  • Issue instructions and functional guidance to strengthen Idorsia's data protection measures

  • Monitor compliance with Idorsia instructions and propose appropriate sanctions in case of violations

  • Assess and monitor technical and organizational measures put in place to ensure data security

  • Report material data protection violations and risks

  • Draft and release data protection templates for agreements with vendors, service providers and employees

  • Report new/revised legal requirements

  • Issue proposals regarding adjustment of data protection governance

  • Advise internal and external data processors

  • Collaborate with IT regarding the implementation of projects related to data protection "by design and default"

  • Provide advice to IT related to data protection impact assessments and monitoring of their implementation, if applicable

  • Investigate on and implement Binding Corporate Rules for internal data transfer, if applicable

  • Ensure employees' training

  • Provide advice to affected subjects regarding processing of their data and exercise of their rights

  • Act as external communication point regarding any data protection-related issues

  • Act as point of contact for and cooperation with the Federal Data Protection and Information Commissioner and any other supervisory authority

  • Issue annual report of material activities

  • Fulfill other legal tasks and duties like contract reviews

Candidate's Requirements 


  • Completed Law degree

  • Ideally admission to the Bar

  • Extensive experience in data protection in life science/healthcare industry, ideally in the pharmaceutical/biotech industry

  • Ability to fulfil the tasks referred to in Article 39 of the EU General Data Protection Regulation (GDPR) and the Swiss Data Protection Ordinance

  • Good knowledge of the GDPR, complimentary regulations (e.g., e-Privacy), and related guidelines, as well as additional data protection laws

  • Coordinate the group data protection management system 

  • Strong analytical and problem-solving skills

  • Service and results oriented

  • Strong interpersonal skills, team player, open-minded

  • Able to work in a multidisciplinary and multicultural environment across functions/departments with capacity to gain buy-in from such functions/departments

  • Excellent communication skills

  • Proactive, able to work autonomously and handling various tasks simultaneously

  • Excellent command of English and fluency in German


What Idorsia offers


  • Exciting opportunities for development and professional growth within our dynamic organization

  • A collaborative and solution-oriented environment where you can make a difference

  • An innovative and open culture in a truly multicultural environment

  • A competitive salary and generous social benefits


Work Location: Allschwil - Basel Area

Country: Switzerland

Business Area: Legal & Compliance

Schedule: Full-time

Job Type: Permanent

Job ID: 3695


At Idorsia, we harness the power of difference, authenticity, and inclusion to achieve business success.

We encourage all potential candidates with diverse backgrounds of race, color, religion, sexual orientation, gender identity, age, national origin, and disability to submit their job applications. All applicants will receive consideration.

We are committed to fostering respect, fairness, and equal opportunities for all job applicants and our employees.

Please be informed that if you are selected for this position, your employment will be subject to a pre-employment background screening process, of which you would be informed in greater detail in due course.

Please note Idorsia operates a strictly controlled list of preferred recruitment partners. For those partners who have no valid, signed Master Service Agreement in place with Idorsia, all unsolicited resumes, CVs, anonymous profiles, or any other candidate details submitted through our website or to personal e-mail accounts of employees of Idorsia Pharmaceuticals (including any of its subsidiaries, affiliates, or related companies) are considered the property of Idorsia Pharmaceuticals and are not subject to payment of any form of introduction, placement or referral fees.