Paralegal / Compliance Specialist

At Everway (formerly n2y/Texthelp), our goal is to lead the world in Neurotechnology software, helping transform the way we understand and are understood. 

We’re a global community of over 550 team members spanning seven countries, including the UK, USA, Norway, Denmark, Sweden, Australia, and New Zealand. By understanding and addressing the unique needs of each individual, we're creating a world where differences are recognized and valued. A world where everyone can thrive.

We can only achieve our goals and continue to grow by having high performing people in our team, people who share our goals and are passionate about our mission. We pride ourselves on our core values that are embedded within our culture. These are to be curious, have courage, and commit fully.

Join us at Everway - together, we can unlock the full potential of every mind.

Job Purpose: 

The primary contact point for legal matters across our Nordic offices and Data Protection (GDPR) experts across our Nordic locations (Sweden, Denmark, Norway). The post holder is expected to lead on all compliance matters, especially regarding GDPR, collaborating with country managers, sales, and technical teams to ensure synergy and standardization in our processes for handling our legal obligations.

Essential Criteria:

• Degree level (or equivalent) qualification in a related discipline (Law, Data Protection, IT/Information Security)
• 2+ years of documented leadership experience and expertise in GDPR/Data Protection compliance
• Knowledge of Data Protection legislation in Denmark, Norway, and Sweden
• Knowledge of Contract Law and experience reviewing legal contracts
• Excellent interpersonal skills with the ability to collaborate with and influence people at all levels of the organization
• Ability to adapt to changing regulations and work in a fast-paced, dynamic environment
• Fluent Danish and English, with the ability to collaborate across teams and regions in Norway and Sweden

Desirable Criteria:

• Previous experience working in a Security Management System (e.g., ISO) environment
• Previous expert supporting the IT/SaaS industry
• Knowledge of Security Standards and Data Protection Standards e.g., ISO 27001, ISAE 3000 and experience with internal auditing
• Detail-oriented with strong analytical and problem-solving skills.
• Ability to collaborate across teams and departments to ensure compliance and implement best practices.

Responsibilities: The post holder will have the following responsibilities:

Leading the Data Protection Framework in the Nordics:

• Data Processing Agreements (DPAs): Draft, review, and negotiate DPAs and privacy contracts with our Nordic customers. Provide instruction and collaborate directly with external legal counsel across the three regions, where relevant, to approve and recommend changes, ensuring compliance with applicable laws and regulations and in accordance with industry standards and our own organizational policies across various regions and countries.
• Data Processing Agreement Register: Maintain a register of Data Processing Agreements, capturing the lifecycle of data processing, including the chain of sub-processors of the relevant products.
• Updates to Data Processing: Work closely with the sales and technical teams to ensure our processes are agile and can adopt the legal provisions of our DSAs, i.e., data retention and deletion, notification requirements, incident management, etc.
• Responding to Data Protection Inquiries: Act as the point of contact for internal and external inquiries related to data protection, privacy, and information security. Provide timely and accurate guidance to stakeholders, employees, and customers regarding data protection policies, practices, and regulations.
• Instruction and collaboration with legal counsel, as relevant, to approve and recommend changes to complex Data Processing Agreements, to ensure compliance with applicable laws and regulations and in accordance with industry standards and our own internal organizational policies.
• Continuous Improvement Initiatives: Lead continuous improvement initiatives with respect to the storage, accuracy, and accessibility of critical information.

Managing the Customer Terms and Conditions Framework:

• Responsibility for the ownership and development of the customer terms framework in the Nordics.
• Responsibility for reviewing and redlining requests as needed. Leads and collaborates with legal advisors as needed to approve and recommend changes, ensuring compliance with applicable laws and regulations and in accordance with industry standards and our own organizational policies across various regions and countries.

ISO 27001 and ISAE 3000 Compliance:

• Management of our ISAE 3000 annual audit assessment in the Danish region and support for ISO 27001 continued certification across our Nordic locations as part of a global team.

Other:

• Work together with the Head of Operational Compliance and other internal stakeholders to ensure data protection compliance across the organization.
• Support the Head of Compliance and Process Excellence to manage external firm invoicing and external consumption approvals across the Nordic regions.
• Responsible for maintaining and delivering training sessions and workshops to raise awareness of data protection.
• Stay updated on new data protection laws, regulations, and industry best practices. Monitor changes and assess their impact on the organization's data processing activities.
• Drive continuous improvements across team processes, including the identification and implementation of systematization and automation where possible.

Please submit your CV in English.

#LI-JM1

Join our team and enjoy a competitive salary with bonus opportunities, flexible work schedules, and comprehensive health and wellness benefits. We offer flexible time off plans, career growth through development programs, and a collaborative, innovative culture where your ideas matter.  Ready to make an impact? Apply today and be part of a company that invests in your success!

We are committed to providing a Drug-Free Workplace for all employees.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.

Please click the link for our Privacy Notice