In-House Privacy and Data Lawyer

at  Pinsent Masons

BRIEF

We are currently looking for someone to join our Privacy and Data team. This is a 12 month FTC (maternity cover) in-house role advising the firm on its privacy and data compliance including:

• providing legal advice and guidance on global privacy and data-related matters;
• advising on compliance issues with regards to confidentiality and non-personal data; and
• researching key requirements of data law applicable to the firm’s business worldwide, with APAC/ MEA experience particularly welcome.

OVERVIEW OF THE ROLE

The purpose of this role is to assist in providing proactive and professional legal support to the firm, as part of our Privacy Team. The Team comprises a Privacy and Data Counsel (a lawyer with over 20 years’ data protection experience) and other specialist data protection lawyers and advisers. As a member of the wider General Counsel’s Office (GCO) you will work with business operations teams and directly interface with client-facing lawyers on privacy and data issues across the firm.
The firm has a dedicated and specialised internal team dealing primarily with data protection which also liaises with the Information Law client-facing community, but with increasing remit for advising on non-personal data issues affecting the firm.
You are expected to provide excellent service at all times, making positive contributions to the success of the GCO and building the business of the firm. You will be expected to demonstrate your legal knowledge, administrative, IT, organisational and interpersonal skills. You will need to manage your workload proactively and flexibly and perform tasks in a speedy manner.
You will work in the Privacy Team, reporting to the Privacy and Data Counsel, and be part of the wider GCO comprising 13 lawyers and 6 advisors based in Dubai, London, Hong Kong, Birmingham and Glasgow, as well as the New Business Intake team.

We are currently looking for someone to join our Privacy and Data team. This is a 12 month FTC (maternity cover) in-house role advising the firm on its privacy and data compliance including:

• providing legal advice and guidance on global privacy and data-related matters;
• advising on compliance issues with regards to confidentiality and non-personal data; and
• researching key requirements of data law applicable to the firm’s business worldwide, with APAC/ MEA experience particularly welcome

Key responsibilities of the Privacy and Data Lawyer include but are not limited to the following.

• Supporting the business in managing its data protection and client confidentiality risk by overseeing compliance in the UK and working closely with Risk and Compliance partners and data protection experts in other offices to ensure compliance outside the UK.
• Researching and providing legal advice and guidance on privacy and data-related matters.
• Providing privacy and data input on client questionnaires and bids.
• Assisting with Privacy Impact Assessments and other data protection risk assessments.
• Reviewing and advising on data and privacy aspects of the firm’s client terms, its projects and procurement, including negotiating data related provisions with clients and suppliers.
• Assisting with security incident assessments, remediation and breach notification.
• Providing appropriate advice and interpretation of the provisions of data and privacy law as they impact the firm’s activities in general and/or specific functions across all service lines and business units.
• Managing periodic audits of data protection compliance within the firm, of its suppliers and from clients, and identifying actions necessary for remediation.
• Assisting with data subject rights requests, including subject access requests and ensuring such requests are dealt with in accordance with current law.
• Drafting policies and guidance and delivering other ad hoc awareness and in-depth training as necessary.
• Responding to queries from the business on data, privacy and confidentiality