Senior Counsel, Privacy & AI Governance

Treasure AI is the agentic experience platform built to acquire, retain, and grow your most valuable customers. Powered by AI, Treasure AI is shaped by human creativity and always-on through continuous, context-driven action. Furthermore, Treasure AI employees are enthusiastic, data-driven, and customer-obsessed. We are a team of drivers—self-starters who take initiative, anticipate needs, and proactively jump in to solve problems. Our actions reflect our values of honesty, reliability, openness, and humility.

The Senior Counsel, Privacy & AI Governance will support the day-to-day management and continuous improvement of Treasure AI’s global privacy program and contribute to the development and operationalization of its AI governance program. This is an AI-forward role: the Senior Counsel is expected to actively use, evaluate, and champion AI tools and emerging technologies to automate, accelerate, and improve the quality of the company’s privacy and data protection processes — from assessments and contract review to incident response and regulatory monitoring — and to help ensure compliance with applicable global privacy, data protection, and related AI regulatory requirements. The role will report to the Global Head of Privacy (based in the UK).

Responsibilities

• Support the day-to-day operation and continuous improvement of Treasure AI’s global privacy program, including the implementation of privacy policies, standards, and controls across functions.
• Lead and coordinate privacy assessments, including DPIAs, PIAs, LIAs, transfer assessments, and other reviews, as appropriate.
• Maintain and help enhance Records of Processing Activities (RoPA) and other privacy compliance documentation.
• Support the implementation and ongoing development of privacy governance, data governance, and AI governance frameworks and controls.
• Provide practical, risk-based advice on compliance with applicable privacy and data protection laws and regulations, including UK GDPR, EU GDPR, CCPA/CPRA, and other relevant regional requirements.
• Draft, review, and negotiate data processing agreements (DPAs) and privacy-related provisions in commercial contracts.
• Oversee or support the intake, assessment, and response to data subject rights requests in accordance with applicable legal requirements and internal procedures.
• Coordinate with Legal, IT, Security, and relevant business stakeholders on the investigation, documentation, escalation, and remediation of privacy incidents and breaches.
• Help design, improve, and where appropriate lead initiatives to automate and scale privacy and AI governance policies, procedures and related workflows.
• Develop and deliver privacy training and awareness materials for internal stakeholders; support initiatives to foster AI literacy and promote a culture of privacy, accountability, and responsible data use across the organization.

Job Requirements

• Qualified lawyer in at least one relevant jurisdiction.
• Typically at least 4 years of relevant experience in privacy, data protection, compliance, or risk management roles.
• Strong practical knowledge of GDPR and experience supporting privacy compliance in a multi-jurisdictional environment.
• Experience conducting privacy assessments.
• Experience drafting and negotiating DPAs and privacy-related contractual provisions.
• Demonstrated familiarity with use of AI tools in day-to-day privacy work, and a track record for identifying and operationalizing automation opportunities.
• Experience working with legal operations, engineering, or product teams to design and deploy automated workflows is a strong plus.
• Familiarity with privacy management platforms, operational privacy processes, and AI-enabled legal/privacy tooling; experience with OneTrust or similar tools is an advantage.
• In-house experience at a technology company is preferred.
• Privacy certification such as CIPP/E, CIPM, or similar is desirable but not required.

Physical Requirements

Working out of the London, UK office according to our “Global Hybrid Working Policy.”

Travel Requirements

You may be asked to travel outside of the UK no more than two or three times per year.

Perks and Benefits (UK)

• Competitive compensation packages
• Salary Sacrifice pension plan with 7% employer match
• Supplemental medical and dental cover offered & 5X annual salary for life cover provided
• Restricted Stock Units (RSU)
• Up to 26 weeks paid parental leave including a post-partum night nurse
• Comprehensive support and access to care for everyone, everywhere through Carrot - our global reproductive health and family-building benefit.

Our Dedication to You

We value and promote diversity, equity, inclusion, and belonging in all aspects of our business and at all levels. Success comes from acknowledging, welcoming, and incorporating diverse perspectives. Diverse representation alone is not the desired outcome. We also strive to create an inclusive culture that encourages growth, ownership of your role, and achieving innovation in new and unique ways. Your voice will be heard, and we will help amplify it.

Agencies and Recruiters

We cannot consider your candidate(s) without a contract in place. Any resumes received without having an active agreement will be considered gratis referrals to us. Thank you for your understanding and cooperation!