Data Privacy Manager
London
Motorway
Sell your car the more money way. Fast, free and with 7,500+ dealers ready to buy. Get free home collection with fast payment, no hassle.About Motorway
Motorway is the UK’s fastest-growing used car marketplace – our award winning, online-only platform connects private car sellers with over 7,500 verified dealers nationwide, who compete to offer the best price. Founded in 2017, our technology makes the process refreshingly easy, earning us an 'Excellent' Trustpilot rating with over 70,000 reviews. We're not just building a platform; we're changing how people sell cars.
Backed by leading investors like Index Ventures and ICONIQ Growth, and following a successful $190 million funding round, we're on a mission to transform the used car market.
About the role
The Data Privacy Manager will be a key member of our Legal & Risk Team, responsible for developing, implementing, and maintaining a robust data privacy program. You'll play a crucial role in ensuring our marketplace complies with all relevant data protection laws and regulations (e.g., UK GDPR, Data Protection Act), and that our users' data is handled with the utmost care and security.
You’ll have the freedom to build out your own strategy for data privacy compliance, working closely with Legal, IT, Engineering, and Product teams. You will gain exposure to senior leadership from the get go, with the backing of the rest of the Legal & Risk Team.
What you’ll do
Program Development and Management:
Develop and maintain a comprehensive data privacy program, including policies, procedures, and training.
Oversee data mapping, data inventory, and record-keeping activities.
Conduct regular privacy impact assessments for new projects and processes.
Manage a team responsible for actioning data subject rights requests and other privacy-related inquiries.
Compliance and Monitoring:
Monitor changes in data protection laws and regulations and ensure the organization's practices remain compliant.
Conduct internal audits and risk assessments to identify and mitigate privacy risks.
Manage relationships with data protection authorities and external auditors.
Develop and maintain a data breach incident response plan.
Manage and investigate data breaches and other privacy incidents.
Vendor Management:
Assess and manage the privacy risks associated with third-party vendors and service providers.
Negotiate and review data processing agreements with support of the Legal & Risk Team.
Requirements
3-4+ years of experience in data privacy, compliance, or a related role.
Experience working in the legal profession / with legal professionals is desirable but not essential.
Experience managing at least one individual is desirable but not essential.
In-depth knowledge of UK GDPR, Data Protection Act, and other relevant data protection laws and regulations (e.g., PECR).
Strong understanding of data privacy principles and best practices.
Experience conducting DPIAs and leading on data subject rights response processes.
Excellent analytical, problem-solving, and communication skills.
Ability to work independently and as part of a team.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Compliance GDPR Incident response Monitoring Privacy Risk assessment Strategy Vendor management
Perks/benefits: Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.