At Jellyfish, we believe in the power of diverse perspectives and inclusive collaboration. We welcome individuals who excel in collaborative, varied teams and value the unique contributions that each person brings to the table.

Jellyfish is a global digital marketing agency; a unique fusion of tech enthusiasts, creative minds, and media and data experts all united to empower our clients along their digital journey. Our commitment to embracing diverse perspectives fuels our innovation and strategies that challenge the status quo, reinvent media activation, and craft influential stories for our global clients and their customers. Join us in shaping a future where business growth and personal fulfilment go hand in hand.

Reporting to our General Counsel, In this role, you will work with the Legal and Compliance and Information Security functions to develop and monitor policies and standards applicable to the business and in compliance with GDPR and other relevant privacy legislation.

Your primary responsibilities will include:

• Implement measures and a privacy governance framework to manage data use in compliance with GDPR and other relevant legislation, including developing templates for data collection, advising on and assisting with data mapping and records of data processing and vendor management reviews.
• Work with team members in the review of operations and projects and related data processing to ensure compliance with data privacy laws, and, advising on and monitoring data protection privacy impact assessments.
• Be the primary contact and liaison for the relevant supervisory authority on all data protection related matters under GDPR and other relevant legislation.
• Serve as the primary contact for data protection queries in the business.
• Review supplier or client contracts (including relevant standard contractual clauses for international data transfers) and other third-party data processing and data sharing arrangements in partnership with the organisation's Legal, Procurement and Information security functions.
• As privacy expert, partner with business teams to evaluate new initiatives, plans, and processes to meet data protection compliance requirements
• Ensure filing and fee requirements with the relevant supervisor authority are achieved.
• Participate in the Data Privacy and Information Governance Committee or similar.
• Manage and conduct ongoing reviews of our privacy governance framework including Binding Corporate Rules (BCRs)] and regular and ad hoc reporting on data privacy compliance within the organisation
• Monitor changes to relevant privacy laws and making recommendations to the Company and any relevant committees.
• Set standards and review policies and procedures globally that meet the requirements under GDPR and any localisation requirements in countries of operation.
• Develop and deliver privacy training to several departments and collaborating with the Information Security function(s) to raise employee awareness of data privacy and security issues and promote a culture of data protection and compliance across the organisation.
• Develop strategies and initiatives to ensure engagement with important team members.
• Coordinate and monitor data privacy audits and addressing any potential issues with solutions.
• Collaborate with the Information Security function(s) to maintain records of all data assets and exports and maintaining a personal data security incident management plan to ensure remediation of incidents affecting personal data including impact assessments, breach response, complaints, claims or notifications.
• Respond to and advising on data subject rights requests, including data subject access requests (DSARs) and other requests from individuals.
• Ensure that our IT systems and procedures comply with all relevant data privacy and protection law, regulation and policy (including the retention and destruction of data).
• Work with designated in-house Legal Counsel or outside legal advisers who are subject matter experts for data privacy law issues.
• Promote work practices, working as part of Legal and Compliance team member, and showing respect for co-workers.

• Knowledge of GDPR, UK GDPR data privacy and data protection regulations, and an understanding of other major privacy frameworks and evolving legislation worldwide.
• Ability to interact with people at all organisational levels of the firm.
• Experience working in a large, global organisation.
• Ability to work unsupervised and exercise leadership.
• 10+ years' post qualified data privacy experience required.
• Main experience includes GDPR and UK GDPR data privacy laws plus evolving global data and privacy laws.
• 6+ years; experience within a compliance, legal, audit or risk team, with recent experience in privacy compliance.
• Experience developing policy and compliance training
•  

Note: We emphasise skills, expertise and behavioural attributes over years of experience and traditional degrees. If you want to join our collaborative team, we invite you to apply today with your resume in English.

Join Jellyfish and experience a workplace where we prioritise your growth, celebrate your contributions, and empower you to tailor your work environment to suit your needs.

💰 Reward: You'll receive a loyalty salary increase on your Jellyfish anniversary, in addition to our company-wide annual bonus.

💫 Custom Work Environment: Work remotely for up to 60% of your days and shape your day between 8am. and 6:30pm with flexible working hours.

📈 Growth, Your Way: Grow your career with one paid day each month for self-development and access to LinkedIn Learning with unlimited online courses.

👪 Family Support: Enjoy 14 weeks of paid leave for primary caregivers and 4 weeks of paid leave for secondary caregivers. We also provide £1000 (or equivalent) towards courses for returning primary caregivers to support your transition back into work.

Unfortunately, there has been an increase in fake recruiters impersonating Jellyfish and unlawfully using our brand name. If you are unsure if an email with a job offer you have received is genuinely from Jellyfish, or if you suspect any fraudulent activity, please report it to [email protected].

#LI-Hybrid