Privacy Lawyer – Data Protection & Privacy Team

Location: London - hybrid role ***Global Fintech Unicorn***

We are seeking a highly skilled and experienced privacy lawyer to join the Data Protection & Privacy (DPP) team of a leading global fintech unicorn. This role is central to supporting the organisation’s worldwide privacy compliance efforts, with a particular focus on UK/EU data protection and ePrivacy laws. The successful candidate will play a key role in advising on privacy risks, regulatory engagement, and the development of robust data protection frameworks across a complex, international environment.

This is an exciting opportunity to work in a fast-paced, innovative business that is transforming the way people shop and pay online.

ROLE RESPONSIBILITIES

Privacy Advisory & Risk Management

• Provide clear, practical responses to ad-hoc privacy queries from stakeholders across the organisation.

• Conduct and review privacy risk assessments, including DPIAs, LIAs and TIAs.

• Advise on data subject rights requests and complaints, ensuring compliant and timely handling.

• Provide guidance on security incidents and data breaches, including regulatory notification requirements.

• Escalate complex or high-risk matters to DPP leadership as appropriate.

Regulatory Engagement & Compliance Support

• Oversee and maintain the organisation’s Records of Processing Activities (ROPA).

• Support the regulatory function in responding to data protection authority inquiries and third-party data requests (including law enforcement), ensuring accurate and timely responses.

• Monitor and interpret developments in the data protection landscape, including new legislation, case law, and regulatory guidance.

• Advise on the impact of legal developments and assist in designing appropriate mitigation strategies.

Governance, Documentation & Policy Development

• Update and maintain privacy notices, cookie policies, and cookie consent mechanisms.

• Assist in the review and negotiation of Data Processing Agreements (DPAs).

• Support updates to intra-group data processing and data sharing agreements.

• Collaborate with compliance to identify and address privacy-related gaps.

• Contribute to the development of privacy and data protection policies, including engagement with regulators, industry groups, and public consultations.

CANDIDATE EXPERIENCE REQUIRED

• Qualified legal professional with strong experience in data protection and privacy law, particularly UK/EU GDPR and ePrivacy regulations.

• Experience level is flexible, though the scope and responsibilities typically align with someone around 4–7 years’ PQE.

• Demonstrated ability to provide both strategic and operational privacy advice in a complex, fast-moving environment.

• Experience managing regulatory interactions and responding to enforcement activity or third-party data requests.

• Strong understanding of global privacy frameworks and their practical application within a multinational organisation.

• Excellent communication and stakeholder-management skills, with the ability to influence and advise at all levels.

• Experience in fintech, e-commerce, or other regulated sectors would be advantageous.

Please contact Charlotte on 07968 955284 or cbutterfield@kgglobal.co.uk