Start Hiring Start Applying
Start Applying

StudySmarter Job Board

Data Protection Officer Legal · Head Office · in Manchester
Job Board
Companies
Merry Hill Group
Data Protection Officer Legal · Head Office ·

Data Protection Officer Legal · Head Office · in Manchester

Manchester Full-Time 50000 - 60000 £ / year (est.) No home office possible
Go Premium
Merry Hill Group

At a Glance

  • Tasks: Ensure compliance with data protection laws and manage data risks in a retail environment.
  • Company: Join Footasylum, a leading UK retailer in streetwear and sportswear.
  • Benefits: Competitive salary, dynamic work culture, and opportunities for professional growth.
  • Other info: Collaborate with diverse teams and engage with regulators in a fast-paced environment.
  • Why this job: Make a real impact on data protection in a trendy retail setting.
  • Qualifications: Strong knowledge of UK GDPR and experience in data protection roles.

The predicted salary is between 50000 - 60000 £ per year.

Footasylum is a leading UK-based retailer specialising in streetwear and sportswear, committed to delivering innovative and trend-setting products to our customers, with a strong focus on digital transformation and data-driven decision-making. The Data Protection Officer (DPO) will be responsible for overseeing and ensuring compliance with the UK GDPR, the Data Protection Act 2018, and other applicable privacy and data protection legislation within a Retail Fashion environment. Reporting directly to Legal Counsel, the DPO will act independently, providing expert advice on data protection risks arising from customer, employee, supplier, e‑commerce, loyalty, and marketing data processing activities. The role will act as the primary point of contact for the Information Commissioner’s Office (ICO) and data subjects.

Responsibilities

  • Governance & Compliance
    • Ensure ongoing compliance with UK GDPR, the Data Protection Act 2018, and other applicable privacy legislation.
    • Monitor and report on compliance risk, breaches and compile internal data protection policies.
    • Develop, implement, and maintain Footasylum’s data protection policies, procedures, standards, and guidance including stores, online platforms, and head office operations.
    • Maintain accurate Records of Processing Activities (RoPA), including customer, marketing, supplier, and workforce data.
    • Monitor regulatory developments and advise the business on their impact.
  • Retail & Commercial Advisory
    • Provide specialist data protection advice relating to customer and loyalty programmes, e‑commerce and digital platforms, marketing, CRM, and profiling activities, CCTV and in‑store technologies, and workforce and HR data.
    • Advise on privacy by design and by default for new retail initiatives, store rollouts, system changes, and third‑party integrations.
    • Support Legal Counsel with data protection matters, including contracts, supplier risk, and data processing agreements.
  • Risk Management & Assurance
    • Lead and review Data Protection Impact Assessments (DPIAs) where required.
    • Conduct audits, compliance reviews, and risk assessments across retail, head office, and digital operations.
    • Identify data protection risks and recommend practical, commercially aligned mitigation actions.
  • Incident & Breach Management
    • Lead the management of personal data breaches, including investigation, documentation, and notification to the ICO where required.
    • Act as a key advisor during incidents, ensuring timely, compliant, and proportionate responses.
    • Oversee post‑incident reviews and improvements.
  • Training & Awareness
    • Design and deliver data protection training programmes for retail, head office, and digital teams.
    • Promote a strong data protection culture across the organisation.
  • Stakeholder & Regulator Engagement
    • Act as the primary contact for the ICO and other relevant authorities.
    • Manage and oversee responses to Data Subject Access Requests (DSARs), complaints, and regulatory enquiries.
    • Work closely with IT, HR, Marketing, E‑commerce, and Procurement teams.

Skills / Experience

Essential

  • Strong working knowledge of UK GDPR and the Data Protection Act 2018.
  • Demonstrable experience in a data protection, compliance, legal, or information governance role.
  • Experience advising on DPIAs, DSARs, and breach management, including third parties.
  • Ability to translate legal and regulatory requirements into practical guidance.
  • Strong communication and stakeholder management skills.

Desirable

  • Experience working within the Retail Fashion sector or a consumer‑facing retail environment.
  • Understanding of retail customer data, marketing consent, profiling, and e‑commerce data risks.
  • Experience engaging with the ICO or other regulators.

Data Protection Officer Legal · Head Office · in Manchester employer: Merry Hill Group

Footasylum is an exceptional employer that champions a vibrant work culture, fostering innovation and collaboration within the dynamic retail fashion sector. As a Data Protection Officer at our Head Office, you will benefit from comprehensive training programmes, opportunities for professional growth, and the chance to make a significant impact on our data protection practices while working in a forward-thinking environment focused on digital transformation.
Merry Hill Group

Contact Detail:

Merry Hill Group Recruiting Team

View Merry Hill Group Profile

StudySmarter Expert Advice 🤫

We think this is how you could land Data Protection Officer Legal · Head Office · in Manchester

Tip Number 1

Network like a pro! Get out there and connect with people in the retail and data protection sectors. Attend industry events, join relevant online forums, and don’t be shy to reach out on LinkedIn. You never know who might have the inside scoop on job openings!

Tip Number 2

Show off your expertise! Prepare to discuss your knowledge of UK GDPR and the Data Protection Act 2018 in interviews. Bring real-life examples of how you've tackled data protection challenges before. This will demonstrate your value and make you stand out from the crowd.

Tip Number 3

Practice makes perfect! Conduct mock interviews with friends or family to refine your answers and boost your confidence. Focus on articulating your experience with DPIAs, DSARs, and breach management clearly and concisely.

Tip Number 4

Apply through our website! We love seeing applications directly from candidates who are genuinely interested in joining us. Tailor your application to highlight your skills in compliance and risk management, and let us know why you're excited about working in the retail fashion sector.

We think you need these skills to ace Data Protection Officer Legal · Head Office · in Manchester

UK GDPR
Data Protection Act 2018
Compliance Monitoring
Data Protection Policies Development
Records of Processing Activities (RoPA)
Data Protection Impact Assessments (DPIAs)
Incident Management
Data Subject Access Requests (DSARs)
Stakeholder Management
Communication Skills
Risk Assessment
Training Programme Design
Privacy by Design
Retail Sector Knowledge
Regulatory Engagement

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Data Protection Officer role. Highlight your experience with UK GDPR and the Data Protection Act 2018, and don’t forget to mention any relevant retail or compliance experience. We want to see how you can bring your skills to our team!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about data protection and how your background makes you a perfect fit for Footasylum. Be sure to connect your experiences to the responsibilities listed in the job description.

Showcase Your Communication Skills: As a DPO, strong communication is key. In your application, demonstrate how you've effectively communicated complex data protection concepts to various stakeholders. We love seeing examples of how you’ve made a difference through clear and concise communication!

Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, it shows us that you’re keen on joining our team at Footasylum!

How to prepare for a job interview at Merry Hill Group

Know Your GDPR Inside Out

Make sure you brush up on your knowledge of the UK GDPR and the Data Protection Act 2018. Be ready to discuss how these regulations apply specifically to retail environments, as well as any recent developments in data protection legislation that could impact Footasylum.

Showcase Your Practical Experience

Prepare examples from your past roles where you've successfully managed data protection compliance or handled incidents. Highlight your experience with DPIAs, DSARs, and breach management, especially in a retail context, to demonstrate your hands-on expertise.

Communicate Clearly and Confidently

Strong communication skills are key for this role. Practice explaining complex legal concepts in simple terms, as you'll need to advise various teams across the business. Think about how you can convey your ideas clearly during the interview.

Engage with Stakeholders

Be prepared to discuss how you would engage with different stakeholders, including the ICO and internal teams like IT and HR. Show that you understand the importance of collaboration in promoting a strong data protection culture within the organisation.

Data Protection Officer Legal · Head Office · in Manchester
Merry Hill Group
Location: Manchester
Go Premium

Land your dream job quicker with Premium

You’re marked as a top applicant with our partner companies
Individual CV and cover letter feedback including tailoring to specific job roles
Be among the first applications for new jobs with our AI application
1:1 support and career advice from our career coaches
Go Premium

Money-back if you don't land a job in 6-months

>