Privacy Officer (Advisory)

The Privacy Officer (Advisory) will support the delivery of the privacy programme across Super Group’s global business, as well as developing and promoting good personal data governance and a privacy‑first culture within the business. They will support the Privacy Manager(s) in providing advisory services to nominated Group entities. They may also act as the Lead Advisor to specific entities, liaising with relevant key stakeholders and being actively involved in reporting to and advising the related Boards of Directors and Executive Committees for those entities as appropriate. They will be directly responsible for ensuring that advice and support to the business is provided in a pragmatic, timely and consistent manner not only to these nominated entities but across all group entities supported by the Privacy team as required. They will ensure that regular activity reports are provided to the Privacy Manager and that any required escalations to the Group Data Protection Officer are made in a timely manner.

What you’ll do

• Supporting the Privacy Manager(s) on providing advice and support to nominated Super Group / SGHC entities, liaising with relevant stakeholders across the business as appropriate.
• Representing the Group Privacy Team at relevant nominated entities’ Committees and Board Meetings as appropriate.
• Supporting other members of the Privacy Advisory team in providing services to their nominated entities as required to ensure timely and consistent services are provided across the Group.
• Providing input to the development of Group‑wide Privacy Frameworks, Policies, Procedures and Processes.
• Monitoring compliance with the EU / UK GDPR, PECR and any other relevant data protection laws.
• Providing input to the development, review and oversight of appropriate Group‑wide policies and procedures for data privacy.
• Providing support in ensuring privacy programme processes and procedures are established and adhered to across all brands, jurisdictions and offices.
• Providing expert input into projects with regulatory impacts.
• Creating and maintaining internal records and logs of control status, overall compliance levels, consent management and Records of Processing Activities.
• Supporting the Privacy Manager(s) in ensuring that the nominated entities’ Register of Processing Activities are reviewed and updated on a regular basis.
• Providing the business with commercially aware advice and support on data protection, based on expert knowledge and empirical evidence.
• Being a key stakeholder and advisor in business wide projects.
• Maintaining an expert knowledge of data privacy legislation, regulations and best practice.
• Maintaining strong knowledge of regulatory frameworks and risk treatment and mitigation strategies.
• Supporting and advising the IT/IS teams to ensure we meet requirements of Article 32 of GDPR.
• Providing support in ensuring that privacy related training and awareness is maintained across the business.
• Providing expert input into the development of strategies and relationships to mitigate the risk of data processors employed by SGHC companies.
• Reviewing and advising on privacy impact assessments to ensure privacy by design and privacy by default.
• Being an escalation point for any security incidents affecting personal data.
• Being a proactive advocate and brand ambassador of the Privacy Programme across the business and push for the delivery of its objectives, through training enhancements and privacy framework enhancements.
• Assisting in ad hoc duties as and when required.

This list covers your core responsibilities – with plenty of room to stretch, explore and take on new challenges as we grow.

What you’ll bring

• Clear, confident communication (written and verbal), and the ability to breakdown complex ideas.
• A collaborative mindset, working smoothly with cross‑functional teams to hit shared goals.
• Strong organisational skills and the ability to manage multiple projects without dropping the ball.
• Exceptional attention to detail and a commitment to high‑quality work.
• Adaptability – you stay sharp, productive and positive in fast‑moving environments.
• Minimum of 4 years’ experience in a data protection role.
• Previous experience in a privacy role in a multinational or global organisation (ideally for a predominantly online B2C business).
• Exceptional attention to detail & accuracy in all aspects of the role in high pressure and time constrained working environments.
• Ability to create and document operational processes and procedures.
• Experience in monitoring data protection controls and identification of risks.
• Track record of delivering on a range of privacy programmes within a commercial environment.
• Demonstrable experience developing, and delivering on, a strategic plan.
• Experience in managing and reporting data breaches / incidents, and advising on remedial action.
• Exceptional communication and influencing skills and ability to act as advocate for establishing the privacy programme throughout the business.
• Knowledge of the Information Security or Cyber Security domains, whilst always putting Privacy first.
• Proven ability to interface professionally and effectively with regulators, legal advisors & external companies.
• Ability to provide commercially astute risked‑based advice and recommendations for business.
• Good working knowledge of industry standards such as ISO27001, NIST and SANS.
• Privacy qualifications such as the CIPP/E and/or CIPM.

Desirable skills you’ve got up your sleeve

• In-depth knowledge of sports betting markets, including odds calculation, betting types and market trends.
• Previous experience in the online gaming or casino industry, with a strong understanding of player behaviour and industry regulations.
• Familiarity with gambling regulations and compliance requirements in various jurisdictions, ensuring adherence to legal standards.
• Experience in developing and executing customer retention strategies.
• Strong knowledge of the online gambling industry.
• Experience running a Working Group or Committee.
• Good understanding of project and programme methodologies such as Prince2 and Agile.
• Experience reviewing contracts.
• Knowledge of wider regulatory requirements such as gambling regulation and money laundering.
• Knowledge of auditing frameworks and international standards, such as ISO 27001 and PCI DSS.
• Media trained and comfortable representing the business at external events.
• Ability to work effectively under pressure and to manage sensitive and confidential information.

Our values are non‑negotiables

• Ownership and accountability.
• Initiating action.
• Resilience.
• Team orientation.
• Integrity.

What you’ll get back

• Supergrowth is real here. Our learning and development programmes give you the tools, training and opportunities to level up fast.
• Your progress matters. Our Performance tool ensures you get meaningful feedback to support your development and superdrive your career.
• Support that has your back. Our Employee Assistance Programme offers resources for you and your family.
• Vitality Health Care.
• Life Assurance & Income Protection.
• Cycle to Work.