Malt welcome

Welcome to Moa's freelance profile!

Malt gives you access to the best freelancers for your projects. Contact Moa to discuss your project or search for other freelancer profiles on Malt.

Moa Mörner

DPO/ Senior Data Protection consultant/ Group DPO
  • Suggested rate
    £757 / day
  • Experience3-7 years
  • Response rate100%
  • Response time1 hour
The project will begin once you accept Moa's quote.
Location and workplace preferences
Location
Stockholm, Sweden
Can work onsite in your office in
  • and around Stockholm (up to 50km)
Verifications

Freelancer code of conduct signed

Read the Malt code of conduct
Verified email
Languages
Categories
These freelancer profiles also match your search criteria
Agatha FrydrychAF

Agatha Frydrych

Backend Java Software Engineer

Baptiste DuhenBD

Baptiste Duhen

Fullstack developer

Amed HamouAH

Amed Hamou

Senior Lead Developer

Audrey ChampionAC

Audrey Champion

Web developer

Skill set (25)
Moa in a few words
Hi, here are my key comptences:
• Experienced Group Data Protection Officer (6 years) with a demonstrated history of working with questions concerning processing of special categories of personal data, both for Controllers and Processors.
• Highly skilled in data protection law, EDPB guidelines and broad experience with data
protection issues.
• Experienced on advising on strategic level (CEO, Group CEO, Boards) and reporting Data
Protection Risks.
• Thorough experience of working with data protection and privacy: Processing of special
categories of personal data (trade union membership in large scale), Assessments on
lawfulness of processing, Assessments on appropriate safeguards and security of processing, Data protection impact assessment (DPIA), Data Processor Agreement (DPA), CCTV, Assessments on lawfulness of third country transfers and transfer impact assessments (TIA), Assessments on appropriate data protection by the processor, Internal audits on appropriate data protection, Records of processing activities (ROPA), Rights of the data subject, Contact to the Supervisory authority concerned, and managing personal data breaches.
• I have accomplished over 200 educations on data protection and with my energy, positive approach, and grit, I inspire and motive people to work with data protection.
• Experience with large scale ransomware attack, supervisions from the DPA, data subject
complaints.
• Successfully built data protection programmes, Privacy Office, and I have lead several data protection projects to compliance with the GDPR.
• Information Security-skills; information security projects, educating, and education as Information security architect - Strategic, Operational and Technical information security.
• Successfully implementing Information Security projects (ISO 27001 and 27002), co-ordinate data protection strategy to ensure compliance with GDPR requirements and develop a digital support for monitoring data compliance.
Experience
  • SJ AB
    Group DPO (Group Data Protection Officer)
    January 2022 - July 2023 (1 year and 6 months)
    Stockholm, Sweden
    Working close with Privacy Office, Legal, IT, the IT- and Information Security team as well as the Security team. One-to-One meetings with Group CEO as well as CEO at the subsidiaries. Reporting privacy risks to the risk committee (board) as well as a part of the information security management system to group management. Assessments such as processor or controller relations, DPIA, TIA and audits of Processor as well as all other normal DPO-tasks due to the GDPR. Building a Data Protection Programme, Recruitment, and set-up of Privacy Office, updating processes to meet requirements from Data subjects (the right to access, to be forgotten, Data portability, restrictions) and a new way of working understanding and managing chosen risk appetite in the company for Data Protection Compliance Risk. Also been working with CCTV on trains, graffiti, and an agile way of working.
  • FASAB6F
    Data Protection Officer (DPO) at Swedish Construction Workers' Union, Seko - Service and Communicati
    November 2017 - January 2022 (4 years and 2 months)
    Stockholm, Sweden
    As a senior Data Protection Officer working with questions concerning processing of special categories of personal data (article 9) the tasks are (in short)
    • to inform and advise the controller and the processor at the highest management level of the organization to ensure compliance with GDPR requirements
    • to offer education to the employees who carry out processing of personal data, for an example on Data Protection Agreements, how to process data as the employer for HR and management or data protection in Membership Centre or personnel management
    • to advise Data Protection Managers on how to understand and implement the data protection legislation on an operative level, instructions and checklists, data protection policies, DPA and records of processing activities
    • to do assessments and recommendations for decision-making in procurement and development of IT-systems (cloud-services included) as well as other services that includes data processing (DPIA) Special tasks are
    • to co-ordinate Information Security implementation projects (ISO 27001 and 27002),
    • co-ordinate data protection strategy to ensure compliance with GDPR requirements between six organizations (6F)
    • develop a digital support for monitoring data compliance
  • Civilekonomerna
    Project Manager at Membership Service
    September 2008 - November 2017 (9 years and 2 months)
    Stockholm, Sweden
    The Swedish Association of Graduates in Business Administration and Economics (Civilekonomerna in Swedish), is a union and interest organisation for professionals and students in business and economics in Sweden with 44 000 members. Our Membership Service department receives questions about fees, membership, payments, income insurance, withdrawal, benefits and much more. My current mission is to turn a reactive membership service department into a recruiting and service-oriented service for members.
    • Change management: Motivate / enthusiastic employees to work in new ways and, through my understanding of the business, create the right digital conditions for more effective workflow. My leadership area is in the interface of human-business and IT.
    • Business Development: Digitizing Membership Services, automation, and more efficient digital workflows that release time to work more qualitatively against members and leads.
    • System Administrator for our CRM system, Salesforce and IT project management of the implementation of new features / integrations.
    • Currently, I am project leader for adaptation to the GDPR (General Data Protection Regulation). Previously, I was coordinator for the Personal Data Act, including administration of Personal Data Assistant Agreements.
    • Also I represent the union in Saco's joint work with GDPR and am active in one of the working groups to develop a guide for all Saco associations.
    • Supervisor for two employees at Member Service
    • Experienced talking to groups/training: Internal recruitment training, telemarketing agency, and introduction for new colleagues about the business and about Salesforce
    • Budget, business reporting including membership recruitment statistics
Recommendations
Education
  • Bachelor's degree, Political Science and Practical Philosophy (ethics)
    Stockholm University
    2000
    Bachelor's degree, Political Science and Practical Philosophy (ethics)