Data Protection Advisor

Summary: The Data Protection Advisor at CML Construction Services Limited, part of STRABAG UK Limited, is responsible for ensuring compliance with UK GDPR and the Data Protection Act 2018. This role involves identifying privacy-related risks, developing policies, and raising awareness across the business. The advisor will also manage data protection impact assessments, handle data subject access requests, and support audit programs related to data protection compliance. Strong legal and commercial understanding, along with excellent interpersonal skills, are essential for success in this position.

Key Responsibilities:

• Ensure compliance with UK GDPR, the Data Protection Act 2018, and other applicable data protection laws.
• Monitor developments in relevant law, regulation, policy, guidance, and codes of practice.
• Enhance existing policies and create new ones as necessary.
• Update and maintain records of processing.
• Manage data protection impact assessments and address identified risks.
• Handle data subject access requests.
• Deliver training and raise awareness about data protection.
• Work closely with information security and people teams to ensure compliance.
• Manage data breaches, identify root causes, and mitigate risks.
• Support STRABAG’s audit program with audits related to data protection compliance.
• Provide in-house advice on privacy, data-sharing, and EU AI Act compliance.
• Draft, negotiate, and review commercial agreements focusing on information law clauses.

Key Skills:

• Certified in CIPP/E or CIPM.
• Good academic credentials and post-qualification experience (2-5 PQE preferred).
• In-house (legal) experience or strong law firm experience supporting large corporations.
• Strong commercial understanding and excellent interpersonal skills.
• Recognised data protection qualification from a reputable provider.
• Detailed working knowledge of privacy-related legislation and UK GDPR.
• Experience in IT agreements, software licensing, data protection, and intellectual property.
• Proven DPO or DPM experience in a commercial business environment.
• Excellent file management skills, with knowledge of SharePoint advantageous.
• Strong communication skills, both written and verbal.
• Excellent attention to detail and ability to work well with others.
• Working knowledge of ISO 27001 and 27701 beneficial but not essential.
• Pragmatic and solution-based approach in legal advice.
• Self-motivated with a proactive approach and team spirit.

Salary (Rate): undetermined

City: London

Country: United Kingdom

Working Arrangements: undetermined

IR35 Status: undetermined

Seniority Level: undetermined

Industry: Other