Privacy Lawyer

Privacy Lawyer – Data Protection & Privacy Team

Location : London - hybrid role Global Fintech Unicorn

We are seeking a highly skilled and experienced privacy lawyer to join the Data Protection & Privacy (DPP) team of a leading global fintech unicorn. This role is central to supporting the organisation’s worldwide privacy compliance efforts, with a particular focus on UK / EU data protection and ePrivacy laws. The successful candidate will play a key role in advising on privacy risks, regulatory engagement, and the development of robust data protection frameworks across a complex, international environment.

This is an exciting opportunity to work in a fast-paced, innovative business that is transforming the way people shop and pay online.

• Provide clear, practical responses to ad-hoc privacy queries from stakeholders across the organisation.
• Conduct and review privacy risk assessments, including DPIAs, LIAs and TIAs.
• Advise on data subject rights requests and complaints, ensuring compliant and timely handling.
• Provide guidance on security incidents and data breaches, including regulatory notification requirements.
• Escalate complex or high-risk matters to DPP leadership as appropriate.

• Oversee and maintain the organisation’s Records of Processing Activities (ROPA).
• Support the regulatory function in responding to data protection authority inquiries and third-party data requests (including law enforcement), ensuring accurate and timely responses.
• Monitor and interpret developments in the data protection landscape, including new legislation, case law, and regulatory guidance.
• Advise on the impact of legal developments and assist in designing appropriate mitigation strategies.

• Update and maintain privacy notices, cookie policies, and cookie consent mechanisms.
• Assist in the review and negotiation of Data Processing Agreements (DPAs).
• Support updates to intra-group data processing and data sharing agreements.
• Collaborate with compliance to identify and address privacy-related gaps.
• Contribute to the development of privacy and data protection policies, including engagement with regulators, industry groups, and public consultations.

• Qualified legal professional with strong experience in data protection and privacy law, particularly UK / EU GDPR and ePrivacy regulations.
• Experience level is flexible, though the scope and responsibilities typically align with someone around 4–7 years’ PQE.
• Demonstrated ability to provide both strategic and operational privacy advice in a complex, fast-moving environment.
• Experience managing regulatory interactions and responding to enforcement activity or third-party data requests.
• Strong understanding of global privacy frameworks and their practical application within a multinational organisation.
• Excellent communication and stakeholder-management skills, with the ability to influence and advise at all levels.
• Experience in fintech, e-commerce, or other regulated sectors would be advantageous.

Please contact Charlotte on 07968 955284 or cbutterfield@kgglobal.co.uk