Job Description
Role Summary
Please ensure you read the below overview and requirements for this employment opportunity completely.
The Head of Privacy oversees and leads the global Privacy function for Wejo.Wejo' s Privacy function supports Wejo by helping to embed privacy concepts into day-to-day business activities. The Head of Privacy works with local subject matter expert team members in advising the business on our compliance with global privacy regulations including GDPR, CCPA and other local and international data privacy legislation. The Wejo Privacy Team monitors adherence to global privacy requirements and acts as the primary point of contact with supervisory authorities and data subjects. The Head of Privacy also manages any privacy specialists who support the function.
The Head of Privacy works with Privacy team members to create policies that enforce compliance with legislation and delivers relevant training to our staff to increase awareness of data protection and privacy measures. A prerequisite for everyone working in Wejo is a high level of personal resilience and the ability to manage changing priorities and complexity well.
Key Responsibilities – what I do mostly
- Set Privacy strategy and agree and coordinate with stakeholders on implementation
- Maintain and continue to enhance the overall company privacy compliance strategy
- Act as primary point of contact to data subjects, external business partners, supervisory authorities, and internal teams
- Act as named Data Protection Officer (DPO) with regulators in the UK and EU
- Evaluate the company’s data processing and privacy activities and structure appropriate policies around those activities
- Provide advice and instructions on how to conduct Data Protection Impact Assessments (DPIAs)
- Monitor data management procedures and compliance within the company
- Support/lead the process for the maintenance of records of processing operations and ensure these are adequately reflected in relevant policies; provide guidance to business areas as necessary
- Oversee the management of data subject rights; ensure adequate processes and procedures are in place
- Contribute to Wejo vendor and third-party due diligence activities and provide advice on contracts
- Act as an external spokesperson for Wejo relating to Privacy, in conjunction with the Wejo Regulatory Affairs team
- Perform privacy audits and implement any changes depending on outcomes
- Offer consultation to the business on how to deal with privacy breaches
- Raise and escalate risk to those who need to know
- Identify training needs and deliver as appropriate
- Develop and deliver privacy KPIs and reporting
- Communicate to senior management and other business areas about gaps in compliance and assist with remediation
- In conjunction with internal legal counsel, keep abreast of changes in law and issue recommendations to ensure compliance; Manage the company compliance activities associated with additional global privacy legislation and regulation as appropriate for operational territories
- Work with the business to embed privacy requirements within Wejo’s products and services
Other Responsibilities – what I will be doing sometimes
- Use my expertise and knowledge to help in areas of the business that need support to get the job done, whatever that might be
Experience in data protection and privacy compliance
- Expert knowledge of both national and international data protection and privacy legislation
- Good understanding of geolocation data as relevant to privacy regulation and legislation
- Good understanding of both national and international legal systems (specifically EU and United States)
- Ethical, with the ability to remain impartial and report all non-compliance
- Degree preferred in a related subject