Deputy Data Protection Officer

at  Deliveroo

Join Deliveroo’s Global Data Protection team, where we design and maintain a cutting-edge global data privacy program and compliance framework. Our team advises on privacy matters, liaises with regulators, provides guidance and training, and develops privacy-compliant processes that positively impact our customers, riders, and employees. Reporting directly to the Global DPO and embedded within the Deliveroo Legal team, this role offers a global reach and the opportunity to work at the forefront of emerging tech.
We are a team of creative privacy enthusiasts who thrive on innovation and collaboration. No two days are the same at Deliveroo, and we are seeking an experienced Deputy DPO who will excel in our dynamic environment.
This role is based out of our London office; you will need to be on-site 3 days a week.

REQUIREMENTS:

• Prior experience as a Deputy DPO or DPO
• Minimum 7 years previous experience interpreting and applying data protection laws, including the EU’s General Data Protection Regulation (GDPR)
• Bachelor’s degree or equivalent from an accredited university, preferably in a legal or technical topic
• Previous experience evaluating and assessing privacy risks relating to consumer facing businesses / tech platforms
• Liaising with privacy regulators
• (Strongly preferred) International Association Privacy Professionals (IAPP), Certified CIPM, CIPPE, CIPT
• (Strongly preferred) Previous experience advising on global privacy compliance
• (Desirable) Experience with OneTrust

WHY DELIVEROO

Our mission is to transform the way you shop and eat, bringing the neighbourhood to your door by connecting consumers, restaurants, shops and riders. We are transforming the way the world eats and shops by making access to food and products more convenient and enjoyable. We give people the opportunity to buy what they want, as they want it, when and where they want it.
We are a technology-driven company at the forefront of the most rapidly expanding industry in the world. We are still a small team, making a very large impact, looking to answer some of the most interesting questions out there. We move fast, value autonomy and ownership, and we are always looking for new ideas.

• Deputise for the Global DPO: Take charge of data protection compliance for consumer and employee data, overseeing a data protection manager and analyst.
• Lead Privacy Initiatives: Spearhead large-scale, cross-functional privacy improvement projects.
• Draft and Complete DPIAs/PIAs: Provide pragmatic privacy advice on innovative business projects, including algorithms, GenAI, automation, and personalization.
• Incident Management: Manage medium and large-scale personal data incidents, including investigation, response, notification assessment, and remediation.
• Global Privacy Program Support: Assist in managing Deliveroo’s global data privacy program and compliance framework.
• Training and Upskilling: Support the development and training of the Data Protection team.
• Rights Requests Supervision: Ensure accurate and timely processing of consumer and employee individual rights requests.
• Complaint Resolution: Oversee responses to contentious individual complaints, advising on investigations and drafting responses.
• Policy Development: Draft internal policies, procedures, and guidance materials, and maintain compliance documentation.
• Regulatory Response: Assist the Global DPO in responding to regulatory enquiries, investigations, and dawn raids.
• Compliance Audits: Lead and conduct data protection departmental compliance audits.
• Cross-Functional Collaboration: Work closely with Privacy Legal, Security, Tech, People, Customer Care, and other business teams.
• External Counsel Management: Instruct external counsel and review their advice.
• AI Project Advisory: Advise on privacy risks associated with new GenAI and AI-related projects.
• Executive Reporting: Draft reports for the C-Suite and Committees.