Data Protection Officer - Head Office in Birmingham

Everyone who works at Lidl brings something unique to the table - but we also have a whole lot in common. We’re curious, collaborative and ready to make a tangible impact on where we work. Just like you.

In this role, your focus will be providing expert advice on key privacy legislation and regulations, including the UK GDPR, Data Protection Act 2018, and the Privacy & Electronic Communications Regulations. You’ll support the Director of Legal and Compliance in implementing a Compliance Management System, assisting the wider Data Protection Team with complex compliance matters, and ensuring adherence to data protection requirements across the organisation.

Lidl offers a hybrid working model with three days or more in the office (with an on-site gym, restaurant, and more) and up to two days at home to support work/life balance.

What you’ll do:

• Provide advice to the business on all Data Protection matters, working with Internal Stakeholders to enable compliant project delivery and robust procedures.
• Keep up to date with legislative changes and case law, applying appropriate updates to policy and process.
• Educate and advise Key Business Stakeholders on Data Protection risk.
• Continually develop Training and Awareness material through e-Learning and bespoke training delivery.
• Ensure the Data Protection Team manage Data Subject Rights and respond to Data Breaches escalating immediately to you.
• Be the point of contact for the Information Commissioner’s Office (ICO) and provide full co-operation.
• Maintain an efficient system for managing ROPAs, completion of DPIAs and LIAs.
• Review Contracts and Data Protection Agreements with Third Party Suppliers.
• Work with Key Stakeholders to manage the completion of Internal Audits and External Audits with Third Party Suppliers.
• Liaise closely with our International Colleagues regarding Group wide data processing activities.

What you’ll need:

• Expert knowledge of Data Protection and privacy legislation.
• Extensive experience in a Data Protection / Privacy Management role.
• Experience managing and responding to contentious data subject access requests and complaints.
• Experience managing complex Data Breaches.
• Knowledge of ISO 27001 and PCI-DSS.
• Ability to evaluate multiple complex tasks and assess Data Protection risk in a fast-paced environment under tight deadlines.
• Experience implementing data privacy compliance frameworks in an organisation.
• A confident and resilient approach capable of working closely with the highest levels of the business in the UK and internationally.
• Excellent presentation and communication skills.

What you’ll receive:

• 35 days holiday (pro rata).
• Company car or car allowance.
• 10% in-store discount.
• Sabbatical.
• Enhanced family leave.
• Pension scheme.
• Includes a 10% non-contractual London weighting.
• Plus, more of the perks you deserve.

We value diversity, equity, and inclusion, welcoming applicants from all backgrounds. Join us to celebrate individuality and grow in a fair, respectful, and inclusive environment.

Disclaimer: due to the high volume of applications we receive, we reserve the right to close a vacancy earlier than the advertised date. This is to ensure our teams can manage application levels while maintaining a positive candidate experience. Once a vacancy has closed, we are unable to consider further applications, so please submit your application as soon as possible to avoid disappointment.