Deputy Data Protection Officer - Legal in Nottingham

Contract: Fixed Term Contract - 6 months

Location: Nottingham Support Office

Start Date: ASAP

Boots is seeking an experienced and proactive Deputy Data Protection Officer to support and drive our privacy compliance programme on a 6-month maternity cover contract. Reporting into the Compliance and Privacy Director - The Boots Group and being a member of the Boots Legal and Compliance team, you will play a key role in ensuring that Boots continues to meet its obligations under data protection laws and demonstrates robust privacy practices across all areas of the business in the UK and Ireland. You will partner with key business units, IT, Legal, and senior leadership to embed privacy by design and provide expert advice on data protection risks, practices, and strategies. This role offers a unique opportunity to contribute to the shaping of a mature and forward-thinking privacy culture in a highly customer-focused, multi-national organisation.

Responsibilities

• Oversee and manage Boots' privacy compliance programme.
• Provide expert advice and support to business units, IT, Legal, and executive stakeholders on data protection obligations and best practices.
• Develop, implement, and maintain data protection policies, processes, and training across the organisation.
• Conduct data privacy impact assessments (DPIAs), risk analyses, and support incident response planning and breach reporting procedures.
• Monitor developments in privacy legislation (e.g. UK GDPR, EU GDPR, and other applicable frameworks) and recommend necessary updates to practices and policies.
• Support internal audits and assurance activities related to data privacy compliance.
• Promote awareness and understanding of data protection across all levels of the organisation through training, guidance, and ongoing support.
• Collaborate with third-party vendors and partners to ensure adequate data protection controls are in place.

Qualifications

• Demonstrable experience developing and implementing data protection policies and compliance strategies.
• Strong understanding of UK GDPR, EU GDPR, and other relevant privacy legislation and standards.
• Excellent communication and influencing skills, with the ability to translate complex legal concepts into clear, practical advice.
• Proven ability to work collaboratively across functions and with senior stakeholders.
• Strong organisational skills and attention to detail.
• Professional certification (e.g. CIPP/E, CIPM, or equivalent) is desirable.

Benefits

• Generous employee discounts
• Flexible benefits scheme including option to buy additional holiday, discounted gym membership, life assurance, activity passes and much more.
• Access to free, 24/7 counselling and support through TELUS Health, our Employee Assistance Programme.

We have a great range of benefits in addition to the above that offer flexibility to suit you - find out more at boots.jobs/rewards. Exclusions may apply, eligible roles only.

At Boots, we foster a working environment where consideration and inclusivity help everyone to be themselves and reach their full potential. We are proud to be an equal opportunity employer, passionate about embracing the diversity of our colleagues and providing a positive and inclusive working environment for all. As the heart of everything we do at Boots, with you, we change for the better.

Your application will be reviewed by our Recruitment Team and you will be notified on next steps. Where a role is advertised as full-time, we are open to discussing part-time and job share options during the application process. If you require additional support as part of the application and interview process, we are happy to provide reasonable adjustments to help you to be at your best.

Boots is a Ban the Box employer and will consider the suitability of applicants with criminal convictions on a case-by-case basis.