Privacy & Data Governance Specialist

We are looking for a Privacy & Data Governance Specialist to join our growing team and help strengthen our global privacy, data governance, and compliance framework. This role is ideal for a professional who enjoys working at the intersection of privacy, technology, regulation, and business operations in a fast-paced, international environment.

You will partner closely with Information Security, Product, Marketing, and Operations teams to ensure that privacy and data governance requirements are effectively embedded across our products, services, and internal processes.

What You'll Do

As a key member of our compliance function, you will:

• Support and enhance compliance programs related to privacy, data protection, marketing compliance, AI governance, and broader data management initiatives.
• Provide guidance on the collection, use, sharing, retention, and protection of personal data across products, services, and internal business processes.
• Assist in the development, maintenance, and continuous improvement of privacy policies, procedures, standards, templates, and related documentation.
• Maintain and update Records of Processing Activities (RoPA), working closely with Information Security and operational teams to document new and modified processing activities.
• Conduct privacy reviews and assessments as part of supplier onboarding, due diligence, and contract renewal processes.
• Support responses to customer privacy and compliance questionnaires, audits, and due diligence requests.
• Create and maintain customer-facing privacy documentation, notices, disclosures, and materials explaining our privacy and data protection practices.
• Partner with Marketing and Communications teams to ensure compliance with privacy requirements related to websites, cookies, tracking technologies, consent management, and marketing campaigns.
• Advise on privacy and compliance considerations for data management, data governance, and information lifecycle initiatives.
• Support the negotiation and review of privacy, data protection, confidentiality, and security provisions in customer, supplier, and partner agreements.
• Assist with Data Protection Impact Assessments (DPIAs), Legitimate Interest Assessments (LIAs), transfer impact assessments, and other privacy risk assessments.
• Monitor developments in global privacy, cybersecurity, AI, and data-related regulations, and help implement necessary updates to policies, processes, and controls.
• Collaborate with cross-functional stakeholders to identify privacy risks and develop practical, business-oriented solutions.
  
  

What We're Looking For

• Bachelor's degree in Law, Compliance, Business, Information Governance, or a related field.
• 5–7+ years of experience in privacy, data protection, compliance, legal, risk, or data governance functions.
• Strong understanding of GDPR and European privacy and data protection requirements.
• Experience supporting privacy programs in a regulated or complex data-processing environment.
• Ability to translate regulatory requirements into practical business guidance.
• Excellent drafting, communication, stakeholder management, and project coordination skills.
• Strong analytical mindset with attention to detail and a proactive approach to problem-solving.
• Comfortable working independently while collaborating across multiple teams and jurisdictions.
  
  

Preferred Experience

We would be particularly interested in candidates who have experience working within:

• A European law firm advising on privacy, technology, or regulatory matters.
• A regulated financial services, fintech, payments, banking, or insurance organization.
• A European regulatory or supervisory authority.
• A technology company handling significant volumes of customer or sensitive data.
• An international organization operating across multiple jurisdictions.

The following would be considered strong advantages:

• Experience supporting AI governance, data governance, or information management programs.
• Exposure to international privacy frameworks beyond GDPR.
• Experience negotiating commercial contracts with privacy and data protection provisions.
• Professional certifications such as CIPP/E, CIPM, CIPT, or equivalent.
• Experience working in multinational or cross-border environments.