Data Protection Administrator in Paisley

We are looking for a Data Protection Administrator who will play a key role in supporting the organisation's compliance with data protection legislation by managing the day-to-day handling of data subject rights requests. This role is highly process-driven and detail-focused, with responsibility for supporting the end-to-end processing of a high volume of requests from individuals exercising their data protection rights. The role requires accuracy, consistency, and the ability to work to statutory deadlines while handling sensitive personal data appropriately.

Location: Either Edinburgh Office Verdant 2, Redheughs Rigg South Gyle EH12 9DQ or Linwood depot East Avenue, Paisley PA1 2FD - Hybrid

Shift Pattern: MONDAY - FRIDAY

Hours: 09.00am - 17.00pm - 36.25hrs per week

Salary: Depending upon experience

What you'll be doing:

• Data Subject Request Processing
  • Support the end-to-end handling of all data subject rights requests, including but not limited to:
  • Data Subject Access Requests (DSARs)
  • Data Erasure requests
  • Data Rectification requests
• Maintain clear, organised records of all Data Subject Rights activity to support accountability and compliance reporting and record-keeping.
• Support the preparation of accurate and compliant responses to data subjects, and ensure responses are issued within statutory timeframes.
• Escalate complex, sensitive, or high-risk issues to the Data Protection Officer as appropriate.

Data Retrieval

• Assist with identifying, retrieving, and collating personal data held across multiple internal systems to support responses to DSARs.
• Work closely with internal teams and system owners to gather relevant information within required timeframes.
• Compile data into response packs for final review by the Data Protection Officer.
• Ensure only relevant personal data is included in disclosures.

Data Review & Validation

• Carry out initial reviews of retrieved data to ensure completeness, relevance, and accuracy prior to response.
• Conduct detailed and accurate redaction of sensitive or exempt information in line with UK GDPR requirements.
• Review retrieved data to identify information within scope of the request and remove duplicate or irrelevant data in line with data protection principles.
• Carry out redaction of personal data where required, including third-party information and data exempt from disclosure.
• Maintain accurate records of requests, actions taken, redactions applied, and deadlines to support audit and compliance requirements.

Cross-Team Coordination

• Work closely with internal teams and system owners, including Customer Support, IT, and Operations, to obtain relevant information for DSARs, and where required for the fulfilment of other data subject rights requests.
• Follow up on outstanding information requests.

Tracking & Reporting

• Maintain request trackers to support effective monitoring and timely completion of data subject rights requests.
• Support the preparation of monthly metrics and reporting on request volumes.
• Contribute to the continuous improvement of DSAR processes, templates, and tracking methods.

What This Role Involves (Important to Know)

• This role involves working through a high volume of requests on an ongoing basis across the wider group of companies.
• Searching through large datasets and multiple internal systems to identify personal data that falls within scope of data subject rights requests.
• A careful, methodical approach and strong attention to detail when reviewing, redacting, and preparing data for disclosure.
• Consistent adherence to structured processes, guidance, and checklists to ensure requests are handled accurately and in line with legal requirements.
• The work is detail-focused and process-driven, and accuracy is critical.

What we need from you:

Skills & Experience

• Essential
  • Strong administrative skills with a high level of accuracy and attention to detail.
  • Ability to search, review, and work through large datasets across multiple systems in a methodical way.
  • Ability to follow defined processes, procedures, and checklists consistently.
  • Strong organisational skills and experience managing structured, case-based work or high-volume requests within set deadlines.
  • Good written communication skills and the ability to record actions clearly and accurately.
  • Ability to work independently on repetitive tasks while maintaining accuracy.
• Desirable
  • Familiarity with UK General Data Protection Regulation or Data Protection principles.
  • Experience working with CRM platforms, customer service systems, data or reporting tools.
  • Experience working in a data protection, compliance, legal, or regulatory environment.
  • Familiarity with data subject rights under UK GDPR and the Data Protection Act 2018.
  • Experience supporting or processing data subject rights requests (DSARs) is highly desirable.
  • Experience maintaining logs, trackers, or case management systems.

Personal Attributes

• Highly detail-focused, with a careful and methodical approach to work.
• Comfortable working through repetitive, accuracy-critical tasks as a core part of the role.
• Well organised, with the ability to manage multiple requests and deadlines simultaneously.
• Professional, discreet, and trustworthy when handling sensitive and confidential information.
• Calm and resilient when working under time pressure or with high workloads.
• Able to work independently while recognising when issues need to be escalated.
• Proactive and conscientious, with a strong sense of responsibility for accuracy, deadlines, and data handling.

We love to reward our people for the great work they do:

• Build a secure future with a competitive Pension Scheme.
• Peace of mind with Life Insurance.
• Stay active with our Cycle2Work scheme.
• Get the support you need with our Employee Assistance Program.

The InPost process:

We pride ourselves on our candidate experience. We want to make this as straightforward as possible, for you and for us! We will try our best to get back to you within a few days to let you know if we'd like to take you to the first stage. This normally involves a 20-30 minute chat with our Talent Team. If you are successful after this stage, there will generally be another two stages including a site visit. Throughout our process, you will get the opportunity to meet a cross-section of our friendly team members to get a sense of our culture, and a good understanding of the role, team and business. Your talent partner will guide you through each stage. At InPost, we love uniqueness. Our strength is our people. We strive to create an open, equal, inclusive environment in which everyone has the opportunity to flourish and be themselves.