COMPANY DESCRIPTION

We’re Together. For over 50 years, we’ve helped thousands of people, businesses and professionals unlock their property ambitions with our common-sense approach to mortgages and secured loans.
We take the time to understand our customers and our door is always open, so we can often help when other lenders can’t or won’t. Based in Cheadle, Cheshire, our 750 colleagues help our customers throughout the UK, backed by the power of a £7 billion loan book.
Job Description
As the Data Protection Officer you will be responsible for the design and delivery of complex reviews to ensure the company is managing its regulatory requirements for the Data (Use and Access) Act 2025, Data Protection Act 2018, the UK General Data Protection Regulation (UK GDPR) and the Privacy and Electronic Communication Regulation (PECR).
A Key area of focus for the role is supporting colleagues in relation to all data protection related queries and incidents as well as ensuring that the company is appropriately compliant with the requirements of the Data Protection Laws and best practice.
The DPO will set and drive the Group’s Data Protection Compliance strategy, through the development and oversight of the Data Protection Compliance Framework and ongoing monitoring activities.

As the Data Protection Officer, we are looking for someone to:

• Inform and advise the organisation and its employees about their obligations to comply with the Data Protection Laws
• Monitor compliance with the Data Protection Laws, including but not limited to; managing internal data protection activities, reviewing and advising on Data Protection Impact Assessments, facilitating the training of all staff and conducting internal assurance audit
• Build and maintain a Data Protection Compliance Framework, including managing the subsequent activities required, e.g. managing personal data inventory, record of processing activities, DPIA’s, Data Processors, data protection assurance audits, policy creation and management, risk and personal data control structures
• Be the first point of contact for the Regulator, and other supervisory authorities, and for individuals whose data is processed
• Liaise with key stakeholders in order to design and deploy appropriate data processor contracts and data protection policies, taking full account of all regulatory and legislative requirements
• Organise colleague Data Protection awareness and training. Ensure staff awareness of the organisations Data Protection Management and the requirements of the Data Protection Laws is maintained.
• Be responsible for management of data protection incidents and act as an advisor to colleagues as a source of guidance
• Fulfill the obligations of Article 39 UK GDPR Statutory Obligations
• Manage a team of 3 colleagues (1 Direct report)

Qualifications

Please refer the Job description for details