What’s the role about?
 

The Partnership is seeking an experienced Data Protection professional to join us for this critical role in the business.

You will have a good background in personal data protection compliance, ideally having spent some time working within the retail sector. As Data Protection Officer you will act as the primary contact for data subjects and offer independent and objective advice to the Partnership on how to comply with personal data protection legislation, in particular to the board and senior leadership team. 

You will be the face of the data privacy team, the escalation point for all queries and will be comfortable engaging with our most senior leaders and also liaising with senior risk and audit committees.

A large part of the role is leading a team of 13 Data Privacy Partners, managing the DPO lead personal data protection compliance accountability framework, ensuring the Partnership has efficient methodologies to demonstrate compliance with personal data protection legislation, and challenging where bad practice is noticed. 

This is a senior level data privacy role and you should not be afraid to challenge at C-Level.

Why does our Data Protection Officer love working for us?

Our Data Protection Officer has had the opportunity to lead an incredibly talented team of data privacy professionals with very diverse backgrounds and complementing knowledge and experience. Together we have built a great working environment that allows our Partners to bring Partnership values to life in their day to day job and really take pride in what they do. 

What you'll be doing as a Data Protection Officer:

Requirements include, but are not exclusive to:

• Acting as the company's statutory Data Protection Officer. 

• Owning and updating as needed the Data Privacy policy, standards, instructions and guidance to reflect relevant data protection legislation and regulatory guidance, including “Privacy by Design” and “Privacy by Default” rules for the organisation, and the personal data protection compliance intranet page.

• Advising and supporting the drafting and updating of Information Security policy, standards, guidelines and guidance. 

• Advising senior stakeholders and the business, and engaging in awareness campaigns, in relation to data privacy policy interpretation and implementation.

• Responding to data subjects’ complaints and personal data rights requests, ensuring these are handled in compliance with personal data protection legislation and identifying non compliance trends to remediate.

• Advising the Partnership in incidents involving personal data, being part of urgent crisis remediation groups as relevant.

• Leading the privacy training and awareness yearly programme, to be updated regularly.

• Managing the team’s budget with support from the Finance Business partners, ensuring it enables compliance with the statutory Data Protection Officer tasks.

• Leading a highly skilled Data Privacy team with sufficient technical tools, legal and technical support to enable them to focus on the analysis of data processing activities, legislation, regulatory guidance, and our own policies, standards, guidance and instructions.

• Working with the Information Security team, the Marketing team, the Legal team and the Procurement team to implement efficient personal data protection mechanisms and accountability rules.

• Being the Partnership’s point of contact with the Data Protection Regulators (such as the ICO), and other relevant entities involved in personal data protection, responding to requests for information, requests for assessment and other contacts.

• Being the Partnership’s point of contact for personal data protection issues with the British Retail Consortium and other industry bodies, supporting and supported by the Corporate Communications team.

What you’ll have:

• A relevant legal, policy or IT qualification. Masters level would be desirable.

• Significant experience working in personal data protection compliance.

• Expert knowledge of personal data protection legislation, in particular the UK and EU GDPR, DPA 2018 and PECR, and a good understanding of other major privacy frameworks and evolving legislation worldwide.

• Expert knowledge of the statutory requirements for a Data Protection Officer, mainly under UK GDPR but also other international legal frameworks as relevant.

• Well-developed and professional interpersonal skills, ability to interact effectively with people at all levels.

• Ability to work in fast paced environments and to engage at the most senior level to handle personal data incidents.

• Ability to work unsupervised, exercise leadership, and influence change.

What else you could bring:

• Additional recognised privacy qualifications e.g. CIPP, ISEB.

• Experience of working in the retail sector, financial services sector or technology industry.

Additional Information:

We occasionally close vacancies early in the event that we receive a high volume of applications. Therefore we recommend you apply as soon as possible.

The application form consists of a CV upload, an online test followed by application questions. Please ensure you refresh the page each time you complete a task to ensure you complete everything that you need to in time.

#LI-JLPGR
#LI-JH1