Privacy Legal Counsel

We are looking for a junior lawyer to join the Data Privacy legal team and support the day-to-day delivery of privacy legal advice across the business. This is a great opportunity for someone at an early stage in their legal career who is interested in developing into a specialist privacy lawyer.

The role will initially focus on supporting the team with legal administration, coordination, first-line privacy support, document review, and the management of operational privacy tasks. Over time, the successful candidate will be expected to grow into a broader advisory role, including taking ownership of and leading data subject rights requests, supporting privacy risk assessments, and handling a wider range of privacy legal matters with increasing independence.

This role would suit someone who is organised, practical, calm under pressure, and keen to build a long-term career in data privacy.

Key Responsibilities

Day-to-day legal and administrative support

• Manage the team inbox, track incoming queries, and ensure matters are logged, allocated, and followed through to completion.

• Maintain privacy trackers, action logs, templates, guidance notes, and internal records to support efficient team operations.

• Oversee document and contract administration, including filing, version control, signature processes, and legal workflow coordination.

• Coordinate with internal stakeholders to gather information required for privacy reviews and advice.

• Prepare internal updates, training materials, and practical guidance for the business on privacy matters.

Privacy legal support

• Conduct initial reviews of privacy-related requests and escalate issues appropriately.

• Review contracts and data protection provisions, including data processing terms, confidentiality clauses, and transfer-related provisions.

• Contribute to privacy impact assessments, legitimate interest assessments, records of processing, and other privacy governance documentation.

• Review internal and external privacy notices, policies, and retention-related documents for compliance and clarity.

• Coordinate incident response activities and gather information relating to privacy queries and potential personal data breaches.

• Conduct legal and regulatory research on data protection issues across relevant jurisdictions.

Stakeholder and operational support

• Collaborate with Legal, Information Security, HR, Procurement, Commercial teams, and other business stakeholders to deliver integrated privacy solutions.

• Translate privacy advice into practical implementation steps for the business.

• Support employee and client-related privacy matters, including information gathering and document preparation.

• Contribute to maintaining an organised and efficient approach to privacy governance and team processes.

Growth and development responsibilities

Over time, the role will develop to include:

• Taking ownership of data subject access requests and other data subject rights requests from intake through to response.

• Managing stakeholder engagement for DSARs, including document collection, review coordination, and response timelines.

• Leading lower-risk privacy matters with appropriate supervision.

• Providing direct legal support on privacy issues arising in commercial, HR, and operational contexts.

• Identifying process improvements and opportunities to strengthen the team's privacy operations.

• Qualified lawyer, trainee nearing qualification, or junior counsel with relevant legal experience.

• Strong interest in data protection and privacy law, with a commitment to developing specialist expertise in this area.

• Experience in an in-house legal team or law firm, preferably with exposure to privacy or data protection matters.

• Good organisational skills and ability to manage multiple tasks carefully and consistently.

• Strong written and verbal communication skills, with the ability to explain complex legal concepts clearly to non-legal stakeholders.

• Able to work with a range of stakeholders in a clear, professional, and pragmatic way.

• Good judgment on when to escalate legal or risk issues.

• Strong attention to detail and a structured approach to work.

• Willingness to learn, take ownership, and grow into a broader privacy advisory role.

• Familiarity with data protection regulations, including GDPR and UK GDPR, or a demonstrable commitment to acquiring this knowledge.

• Experience with privacy governance documentation, such as privacy impact assessments, rec...