DATA PRIVACY SPECIALIST - JOB DESCRIPTION

Role Overview:
A leading company in the trade and consumer market is seeking a Data Privacy Specialist to join their Privacy, Legal & Compliance team. The role will work closely with the Data Protection Officer (DPO) and the Legal & Compliance Manager to ensure the organization upholds the highest standards of data privacy and compliance with UK and EU law, including GDPR.

Job Title: Data Privacy Specialist
Department: Legal & Compliance
Reports To: Legal & Compliance Manager
Salary: £40,000 per annum
Benefits Package:

Life assurance
Pension (3% employee & 5% employer)
Employee discount programme
Extended family policy, including maternity, paternity, additional annual leave
Mental Health First Aiders and Employee Assistance Programme
Financial education and loans
Flexible working options
25 days annual leave per year (pro-rata if joining mid-year)

Location: Hybrid-based role with flexibility to work from home. The candidate should be within commutable distance of the office in Northamptonshire for in-person meetings when required.

Notice period:

Less than 6 months: 1 week notice
6 months or more: 1 month's notice

Other Requirements:

Valid driving license required.
Probationary period of six months.

Summary:
The Data Privacy Specialist will be a key part of the Privacy, Legal & Compliance team, working closely with the DPO and Legal & Compliance Manager to ensure compliance with UK and EU data protection laws, including GDPR. The role involves managing day-to-day privacy operations, such as Data Subject Access Requests (DSARs), data incidents, and assisting in the implementation of data protection policies, procedures, and controls across the organization. The Data Privacy Specialist will collaborate with internal stakeholders to mitigate privacy risks.

Key Responsibilities:

Support the DPO in responding to Data Subject Access Requests (DSARs), marketing opt-out requests, and privacy-related enquiries.
Assist the Legal & Compliance Manager with daily privacy operations, including data incident management, Data Protection Impact Assessments (DPIAs), and Third-Party Risk Assessments.
Maintain processes for conducting assessments for DPIAs and other privacy risk assessments.
Collaborate with stakeholders across the business to ensure accurate and up-to-date records of data processing activities are maintained.
Manage the processes for reporting and escalating data incidents and breaches, ensuring timely and effective responses.
Support the DPO and Legal & Compliance Manager in reviewing and updating privacy policies, procedures, and controls to ensure alignment with legal requirements and best practices, including those set by the UK Information Commissioner’s Office (ICO).
Assist in working with Procurement and Information Security teams to address privacy risks within third-party contracts.
Help provide assurance to internal and external auditors to demonstrate compliance with data protection laws and regulations.
Support the preparation of clear and concise reports on data protection practices for senior management and relevant committees.
Keep up to date with developments in data protection law and best practices, including guidance issued by regulatory authorities.

Qualifications and Experience:

Proven experience in a data privacy and protection role, ideally within a regulated industry.
Strong knowledge of UK and EU data protection laws, including UK GDPR and the Data Protection Act 2018.
Excellent analytical and problem-solving skills with the ability to investigate, assess, and mitigate privacy risks.
Strong communication and interpersonal skills, with the ability to work effectively with stakeholders at all levels.
Ability to manage multiple tasks and priorities in a fast-paced environment.
High level of attention to detail and accuracy.
A genuine interest in data privacy and a desire to help the organization maintain high standards of compliance.