Assistant Manager - Ethics & Compliance

Job Description:

Following the acquisition of Pinkvilla, Flipkart's Ethics & Compliance (E&C) team is seeking a highly motivated Manager to be based at the Pinkvilla office in Mumbai. This role is a critical bridge, acting as the primary point of contact (POC) for all E&C matters, including a special focus on implementing the Digital Personal Data Protection Act (DPDPA), 2023.

This individual will function as a Program Management Office (PMO) for all E&C initiatives, ensuring Pinkvilla's operations align with Flipkart's policies and applicable laws. The candidate will work closely with Pinkvilla leadership and the central Flipkart E&C Subject Matter Experts (SMEs) to drive a culture of compliance.

E&C PROGRAM MANAGEMENT & COLLABORATION

• Serve as the single, primary point of contact for all communication and collaboration between Flipkart E&C Subject Matter Experts (SMEs) and the Pinkvilla team across all compliance domains (e.g., Anti-Corruption, Sanctions, Consumer Protection, Privacy, Employment Laws, License & Permits, Safety, Anti-Money Laundering etc.).
• Establish and maintain a comprehensive compliance roadmap and tracking mechanism for all applicable E&C programs, ensuring deadlines are met and status is accurately reported to leadership.
• Work with all applicable stakeholders to ensure Pinkvilla's operational procedures and internal controls are consistently aligned with the standards set by broader Flipkart E&C policies.
• Act as a bridge between the central E&C team and the Pinkvilla business and operations teams on the ground.

DATA PRIVACY COMPLIANCE

• Drive the strategy, planning, and execution required to make Pinkvilla compliant with the DPDPA, 2023, specifically focusing on the obligations of a Data Fiduciary.
• Translate newly identified legal and regulatory DPDP Act requirements into specific, actionable compliance standards and internal controls for Pinkvilla's processes and systems.
• Establish and manage robust mechanisms for obtaining, withdrawing, and managing valid, explicit, and informed consent (Notice & Consent) from Data Principals (users).
• Implement and manage processes to facilitate and respond to requests related to the Rights of the Data Principal.
• Assist in drafting and operationalizing data privacy policies, procedures, and guidelines tailored for Pinkvilla.
• Determine the need for performing Data Protection Impact Assessments (DPIAs) and assist with their execution.

RISK, MONITORING & ALIGNMENT

• Conduct focused DPDPA gap assessments on Pinkvilla's data flows, processing activities, and vendor contracts.
• Assist in the monitoring of all compliance areas at Pinkvilla, identifying potential risks and gaps.
• Translate complex legal and regulatory requirements (from all E&C domains) into clear, actionable business processes and controls.
• Develop and use metrics to measure and report on the status of compliance program execution and maturity at Pinkvilla.

TRAINING & AWARENESS

• Coordinate the deployment and tracking of mandatory compliance training (e.g., Code of Conduct, POSH, Anti-Corruption) for all Pinkvilla employees.
• Develop and deliver relevant SMA-focused training materials to drive awareness of compliance requirements throughout the Pinkvilla organization.

Qualifications and Experience:

• 3+ years of relevant experience in compliance, legal, risk, or program management.
• Educational background as an LLB, CA, or a management graduate.
• Exceptional organizational, project management, and cross-functional collaboration skills.
• Proven ability to translate complex legal and regulatory requirements into clear, actionable business processes.
• Experience in data privacy compliance, with specific knowledge of the DPDPA, 2023, is highly desirable.
• Self-starter with the ability to work independently and manage multiple priorities simultaneously.
• Excellent interpersonal and communication skills; fluent in English, both verbally and in writing.
• Preferred: Professional credentials such as CIPP/E, CIPP/APAC, CIPM.
• Preferred: Knowledge of international standards such as ISO 27001, ISO 27701.