Privacy and Data Lawyer | In-House | 3-5PQE | UK

Our Client is seeking a Privacy and Data Lawyer with 3-5 years PQE to join their in-house team. This role involves advising the firm on privacy and data compliance, including:

• Offering legal advice and guidance on global privacy and data-related matters, primarily focused on the UK.
• Taking primary responsibility within the Privacy Team for advising on compliance issues related to confidentiality and non-personal data.
• Researching key data law requirements applicable to the firms business worldwide, primarily focused on the UK, and liaising with external advisers and other offices of the firm regarding these requirements.
  

Candidate Requirements:

The successful candidate will have solid experience of advising on data protection in a commercial environment, including carrying out risk assessments, reviewing suppliers privacy documentation, drafting privacy notices and policies, and advising on marketing issues.

Key Responsibilities:

• Supporting the business in managing its data protection and client confidentiality risk by overseeing compliance in the UK.
• Researching and providing legal advice and guidance on privacy and data-related matters with a primary focus on the UK.
• Providing privacy and data input on client questionnaires and bids.
• Assisting with Privacy Impact Assessments and other data protection risk assessments.
• Reviewing and advising on data and privacy aspects of the firms client terms, its projects and procurement, including negotiating data-related provisions with clients and suppliers.
• Assisting with security incident assessments, remediation, and breach notification.
• Maintaining and updating the firms Register of Processing Activities, and assisting in fact-finding and populating data management systems
• Providing appropriate advice and interpretation of the provisions of data and privacy law as they impact the firms activities in general and/or specific functions across all service lines and business units.
• Managing periodic audits of data protection compliance within the firm, of its suppliers and from clients, and identifying actions necessary for remediation.
• Assisting with data subject rights requests, including subject access requests and ensuring such requests are dealt with in accordance with current law.
• Drafting policies and guidance and delivering other ad hoc awareness and in-depth training as necessary.

You will:

• Work with business operations teams and directly interface with client-facing lawyers on privacy and data issues.

• Demonstrate legal knowledge, administrative, IT, organizational, and interpersonal skills, and manage your workload proactively and flexibly.

• Work in the Privacy Team, reporting to the Privacy and Data Counsel