Privacy Counsel in London

We are seeking a mid-level Data Privacy Counsel and GDPR subject matter expert to support Ant International’s business in EMEA. The individual will work closely with business development personnel, financial institutions, risk management and other legal/compliance/AML/data privacy professionals, as well as tech and operations teams for Ant International’s businesses globally. The Data Privacy Counsel will work with such parties to implement and monitor data protection and privacy policies and ensure compliance with applicable data privacy law and regulations.

Compliance

• Advise on and help manage privacy compliance programme for Ant International’s business across EMEA, including reviewing and drafting privacy notices and privacy policies, managing data access and data subject requests, and conducting internal training on data protection and privacy.
• Understand and interpret applicable privacy laws and other legal and regulatory requirements and licensing conditions with respect to data protection and privacy, and work with other legal and compliance teams, business teams, as well as Info-security, IT and customer services to implement privacy requirements.
• Monitor, analyse and respond to developments in data protection and data security in the EMEA region (i.e., new laws, regulations, important judgments, regulatory guidance, etc.) and provide practical legal advice in cross-functional, multinational projects to ensure compliance with applicable laws and to mitigate legal risks across multiple jurisdictions.

Product

• Provide privacy support to new product launches and initiatives in the EMEA region such as attending product initiative meetings, analysing products and initiatives and assessing privacy risks across multiple jurisdictions, advising on the data privacy issues, and providing practical solutions to mitigate privacy risks, taking into account possible product roll‑out in other jurisdictions.
• Assess and advise on any data privacy related initiatives and ongoing projects in EMEA, and provide practical solutions to mitigate privacy risks.
• Coordinate surveys with external counsel across different jurisdictions to meet tight product launch timelines.

Other duties

• Assessing legal risk, performing privacy impact assessments and maintaining privacy‑related internal assessments and records.
• Training employees on data privacy laws and practices, conducting legitimate interest assessments.
• Assisting with incident reporting and investigation, collaborating with product counsel to ensure legal requirements and privacy controls are implemented in products.
• Support audit exercises, due diligence exercises and license application processes.

Requirements

• Qualified to practice law in the UK (preferred) or other European jurisdictions.
• 5-10 years of relevant post-qualification legal experience (e.g. at a law firm or as in‑house counsel) in Corporate M&A and Commercial law.
• Privacy experience is essential.
• Strong commercial awareness with an understanding of the value drivers of the business.
• Demonstrated ability to work independently in fast‑paced environment and provide pragmatic and considered advice under tight deadline.
• Possess a practical approach to problem‑solving and be able to counsel internal clients with clear, concise and creative advice.
• A team player who can effectively work with international stakeholders cooperatively and efficiently.
• Experience in financial services (preferred but not essential).