Heimstaden is a pan-European real estate investor, manager and operator. We manage around 155,000 homes across nine countries with a property value of around EUR 30bn. We acquire, develop, and manage properties, focusing on creating lasting value for shareholders, our tenants and the communities where our properties are located. 

Heimstaden Bostad is looking for a commercial and strategic senior legal counsel to support with legal advice within GDPR/data protection, digitalisation, AI and technology-related matters.  

The full-time position is based in Oslo and reports to Group Director Legal – Digitalisation and Privacy. 

As Senior Legal Counsel, you will provide strategic and practical legal support within GDPR/data protection, digitalisation, AI and technology-related matters. The role has a strong focus on supporting Heimstaden Bostad’s GDPR/data protection governance and compliance, and ensuring the lawful use of personal data across shared services, systems, business processes and data initiatives. 

The role will coordinate with those functions where matters affect their respective entities, rights, obligations or local legal requirements. 

Key responsibilities:  

• Acting as a trusted legal and business advisor to management and other stakeholders on GDPR/data protection, digitalisation, AI and technology-related matters.  

• Uphold detailed knowledge of Heimstaden Bostad’s GDPR/privacy governance framework, contractual framework, shared service delivery model, data flows, systems and relevant IT infrastructure to provide legal advice supporting Heimstaden Bostad’s strategic goals and assets under management. 

• Work strategically with legal structuring to remove roadblocks, secures material savings and enables scalable growth. 

• Support the implementation of, follow-up and monitor compliance with the Heimstaden Bostad’s Privacy Governance Framework, and report to the Group Director Legal – Digitalisation and Privacy. 

• Provide legal advice on a broad range of GDPR/data protection and privacy matters, including roles and responsibilities, lawful basis, transparency, data subject rights, retention and deletion, personal data breaches, supplier processing, intra-group data sharing and international data transfers.  

• Support data protection risk assessments and advice on privacy compliance relating to shared services, systems, applications, infrastructure and digital resources, ensuring clear roles, compliant data processing and risk-based implementation.   

• Work and advice within primarily GDPR/data protection law, the AI Act, contract law and other relevant data protection, digital, and technology regulations. 

• Support implementation of Heimstaden Bostad’s policy framework and internal governance documents, as well as training programs

We are looking for someone who:  

• Holds a master’s degree in law. 

• Minimum 5 years of experience from reputable law firm, and/or relevant inhouse positions. 

• Has strong expertise in GDPR/data protection, AI regulation and digital governance.  

• Ability to apply regulatory requirements in a practical and business-oriented manner. 

• Works strategically and in a structured manner, with high professional integrity. 

• Has strong collaborative and pedagogical skills with the ability to build trust across management levels, functions and jurisdictions;  

• Demonstrates strong business understanding and the ability to balance business needs with implementation, follow-up, quality, and accountability. 

• Communicates clearly and effectively in English, verbally and in writing. 

• Experience from group service companies, shared service centres or international corporate groups would be an advantage. 

We particularly value that you:  

• Are trustworthy, and demonstrates high personal integrity. 

• Thrive at the intersection of legal and commercial, with an eye for strategy and operations. 

• Can create structure and momentum in complex processes. 

• Balance attention to detail with a broader perspective. 

• Are motivated by anchoring an important function across the organisation. 

• Works well collaboratively as well as independently. 

What we can offer:    

• We offer a central role with broad responsibilities and significant exposure across the organisation. 

• You will have the opportunity to influence the further development of the governance and compliance area in a company with high ambitions, complex challenges, and an international outlook. 

• Collaborative and inclusive work environment that values innovation and excellence. 

• Competitive compensation and benefits package. 

Join Us  

 
Apply today via our application portal link below no later than 1st July 2026. 
The interview process will commence in June, pause during July due to the summer holiday period, and resume in August. 
 
We review applications and invite relevant candidates for interviews on an ongoing basis, and the position may be filled before the application deadline. 
 

 
We conduct reference checks as part of our recruitment process. If you have any questions regarding this, you are welcome to contact us. 

We conduct background checks as part of our recruitment process. If you have any questions regarding this, you are welcome to contact us!

At Heimstaden, we value diversity and believe that different perspectives create better decisions and a stronger work environment.