Catch22 exists to help build a society where everyone has a good place to live, good people around them, and a fulfilling purpose. We call these our '3Ps'.

We achieve this in two ways. Firstly, we improve lives on the frontline through delivery of public services. Secondly, we use our knowledge to change 'the system', to fix the complex web that can trap and disempower those it was set up to help. With the heart of a charity and the mindset of a business, we are uniquely placed to deliver on this challenging agenda.

We are looking for a detail-oriented individual to join our Data Protection team as  a Data Protection Coordinator.

The Data Protection Coordinator is responsible for supporting the Data Protection Officer (DPO) to ensure that Catch 22 complies with data protection law through the delivery and coordination of Data Protection activities across Catch22. This includes the provision of guidance and support to services and stakeholders in the charity.

As Data Protection Coordinator, your main duties will include:

• Acting as a key point of contact for data protection queries across Catch22, providing practical advice in a timely and efficient manner to internal/external stakeholders, and resolving queries independently while escalating to the Data Protection Officer where appropriate.
• Managing the Data Protection Team mailbox, triaging and responding to queries, prioritising workload and resolving issues, with escalation of high risk or complex matters to the Data Protection Officer.
• Managing data protection incidents end to end, including assessing risk to the rights and freedoms of individuals, identifying appropriate actions, and escalating high-risk incidents to the Data Protection Officer.
• Managing and maintaining the Data Subject Rights log, ensuring requests are accurately recorded, monitored and progressed to completion in line with statutory deadlines, escalating or seeking advice from the DPO on complex or high risk cases where necessary.
• Coordinating and managing data subject rights requests in line with organisational processes, applying judgement to non-routine and complex cases, including assessing where deadline extensions may apply in accordance with UK GDPR, and identifying where additional steps or escalations to the Data Protection Officer are required.
• Managing Subject Access Requests end to end, including acknowledgement, identity verification, stakeholder engagement, information gathering and secure handling of data, and supporting the compliant disclosure in line with statutory requirements.
• Advising stakeholders on Data Protection Impact Assessments (DPIAs), including when they are required, and supporting completion before provision of the DPIA to the Data Protection Officer for review.
• Managing and prioritising workload to meet statutory and organisational deadlines, proactively identifying risks to delivery and recommending appropriate action to the Data Protection Officer.
• Providing clear, practical advice and guidance to stakeholders on data protection requirements, supporting consistent understanding, compliance and best practice across the organisation.
• Contributing to the development and continuous improvement of data protection processes, procedures, and the data protection management system.
• Advising stakeholders on the development and review of service-specific privacy notices to ensure accuracy, transparency, and compliance with data protection legislation.
• Identify and prioritise emerging data protection risks or issues supporting to the Data Protection Officer in rectification.

Link to job description here

To excel in this role, you should possess:

• Awareness of regulatory expectations and guidance (e.g. ICO guidelines)
• Awareness of UK Data Protection Legislation
• A non-judgmental attitude with an understanding of Catch22's mission.
• Experience in managing or supporting Subject Access Requests.
• Experience working independently, managing completing priorities, and meeting deadlines.
• Strong attention to detail and ability to handle sensitive and confidential information appropriately.
• Ability to build effective working relationships with stakeholders at all levels.
• Open to learning and expanding on knowledge in the UK Data Protection sector.

Salary: £27,500 to £30,000 (dependent on experience)
Hours of work: Full time, 37 hours per week
Grade: MPA - Coordinator
Contract: Permanent
Flexibility: Remote working

See the benefits of working for Catch22 here.

Unless otherwise stated, interviews will be arranged as suitable candidates are identified, so early application is strongly advised.

We aim to review applications as quickly as possible. However, due to the volume of interest we receive, we may not be able to contact all applicants individually. If you have not heard from us within two weeks of the closing date, please assume that your application has not been successful this time.

At Catch22 we value equality, diversity and inclusion. We are wholeheartedly committed to the principle of equality of opportunity, both as an employer and as a provider of services. Diversity and Inclusion is part of what we do every day, working to deliver our vision to build a strong society where everyone has good people around them, a purpose, and a good place to live.

Catch22 is committed to rigorous safeguarding and safer recruitment practices; ensuring that every individual within the organisation has been safely and appropriately checked.

Please note, we will conduct an online search as part of our due dilligence checks for successful candidate(s). This will involve a search of all publicly available information online and in social media. 

Catch22’s Commitment to Ban the Box

Catch22 is proud to have “Banned the Box”. This means that we do not ask for candidates to disclose criminal convictions at the application stage. Instead, we invite disclosures at interview stage, and encourage them at the offer stage. Please see our statement of commitment on hiring people with convictions for more information.