Data Protection Manager

Social network you want to login/join with:

Unite is seeking to use data more to drive the organisation, and our ability to manage data protection risks and demonstrate compliance is vital to our continued success.

The Data Protection Manager is responsible for managing data protection activities, leading the Data Protection team and fostering a culture of privacy within Unite. This role involves ensuring compliance with data protection and privacy laws, policies, and best practices.

You will be part of a team where success depends on building trust and being a `critical friend` to the wider business, collaborating with teams to ensure Unite meets its data protection obligations when collecting and processing personal data.

This is a senior, wide-ranging role involving collaboration with all internal stakeholders. You will work across initiatives to deliver the data protection strategy and enhance Unite's data protection maturity.

Building relationships with colleagues across Unite, including senior management and external stakeholders, is key. Responsibilities include:

• Stakeholder management: Collaborate with multiple teams to embed data protection and privacy in systems and processes, including delivering training and awareness programs.
• Data protection strategy: Lead and develop responses to challenges in the data protection landscape, working with Data Governance and InfoSec teams for a consistent approach.
• Data Protection Compliance: Ensure compliance with relevant laws such as GDPR and the UK Data Protection Act 2018, and have knowledge of overseas laws like China's PIPL to manage risk exposure.
• Privacy Policy development: Develop, implement, and maintain data protection and privacy policies aligned with legal and industry standards.
• Privacy notices: Create and update privacy notices to reflect legal requirements and industry standards.
• Data sharing: Ensure data sharing agreements are in place where necessary.
• Data Protection Impact Assessments (DPIAs): Oversee DPIAs to assess and mitigate risks in new projects or systems.
• Data Breach Management: Maintain an effective breach response plan, including compliance with notification requirements and lessons learned reviews.

• Strong communication and interpersonal skills for stakeholder engagement
• Excellent project management abilities
• Proactive attitude supporting data protection initiatives
• Presentation skills and ability to influence at senior levels
• CIPP/E and/or CIPM certification
• Deep understanding of UK GDPR, Data Protection Act 2018, and knowledge of PIPL for overseas compliance
• Analytical and problem-solving skills for risk assessment and mitigation
• Team-oriented with collaboration skills
• People management experience
• Self-sufficient with prioritization skills
• Ability to manage complex workloads and adapt to changing demands
• Commitment to continuous learning about privacy laws and best practices

• A discretionary annual bonus
• 25 days paid holiday plus additional for long service
• Generous pension scheme with employer contributions up to 11%
• Health and wellbeing benefits including Healthcare Cash Plan, Employee Assistance Programme, Wellbeing platform, and Gym benefits
• Enhanced Family Leave: 18 weeks full pay for birthing parents, 4 weeks for non-birthing parents
• Other benefits: ShareSave scheme, Life Assurance, discounts portal, and more