[Hiring] Data Protection Paralegal @Prolific

Role Description

You will support the Legal and Infosec teams in implementing and evolving Prolific's data privacy compliance programme. Working across the business, you'll help ensure that personal data is handled responsibly and in line with applicable data protection laws, regulations, industry best practices, and our contractual and internal policy obligations. As Prolific continues to grow, you'll partner with teams across the company to embed a culture of privacy, transparency, and accountability into the way we work. This role is well suited to someone with a proactive approach, a genuine interest in data privacy, and the communication skills to build strong relationships and influence stakeholders.

Qualifications

• Knowledge of data protection principles and privacy frameworks (e.g. UK and EU GDPR)
• Experience assisting with an organisation’s data privacy compliance programme or initiatives
• Experience handling data subject rights requests (e.g., access, deletion, rectification)
• Experience partnering with a wide range of stakeholders, with the ability to engage, influence, and advise individuals at all levels of the organisation
• Attention to detail and well-developed analytical skills
• Excellent organisational skills and ability to prioritise workload
• An energetic and proactive approach with the ability to use initiative on tasks and projects
• A passion for data privacy

Requirements

• Relevant experience within a tech or digital business (nice to have)
• US data privacy experience (nice to have)

What you’ll be doing in the role

• Building a good understanding of Prolific’s operations and objectives, and how data privacy compliance and information security can support and enable these
• Handling and responding to data subject rights requests (e.g., SARs, deletion requests, etc) within statutory timeframes, as well as other privacy-related queries, requests and complaints
• Compiling and maintaining our Record of Processing Activities (ROPA) and other compliance documentation to support our accountability obligations
• Completing Data Protection Impact Assessments and Legitimate Interests Assessments, and liaising with different stakeholders to obtain further information on data processing activities where necessary
• Providing advice and guidance from the business on data privacy queries
• Helping to develop, update and embed internal and external policies, guidelines, processes and practices relating to data privacy
• Assisting with the investigation and handling of personal data incidents, and associated record-keeping
• Assisting with the provision of internal data privacy training and communications, including supporting and working closely with data privacy champions across the business
• Monitoring the effectiveness of data privacy controls and processes, tracking key trends, and assisting with the preparation of reports for management
• Reviewing and completing supplier due diligence forms (and similar)
• Supporting the development and implementation of our information security programme and practices, including certifications (e.g. ISO27001)
• Supporting the wider Legal and Infosec team with ad-hoc tasks and project work from time to time

Benefits

• Competitive salary
• Remote working
• Impactful, mission-driven culture