Data Privacy Analyst

Summary

Join Prolific, a leader in AI human data infrastructure, as a Data Privacy Analyst supporting the Legal and Infosec team. You will play a key role in upholding data privacy standards, ensuring personal data is managed according to laws, regulations, and best practices. This fast-paced role requires a self-starter with excellent communication skills to collaborate across teams and drive a culture of privacy. You will handle data subject requests, maintain compliance documentation, conduct assessments, advise on data privacy, and assist with incident handling and training. The position offers the opportunity to contribute to a mission-driven company at the forefront of AI innovation. Prolific provides a competitive salary, benefits, and remote work options.

Requirements

• Proven experience working within privacy compliance
• Strong knowledge of data protection principles and privacy frameworks (e.g. UK and EU GDPR)
• Experience assisting with an organisation’s data privacy compliance programme or initiatives
• Experience handling data subject rights requests (e.g., access, deletion, rectification)
• A passion for data privacy
• Experience working with and supporting multiple stakeholders, and in particular, an ability to engage and advise stakeholders at all levels
• Attention to detail and well-developed analytical skills
• Excellent organisational skills and ability to prioritise workload
• An energetic and proactive approach with the ability to use initiative on tasks and projects
• Ability to work autonomously as well as part of a team when required
• Ability to work under some pressure and adopt a commercial approach where necessary

Responsibilities

• Building a good understanding of Prolific’s operations and objectives, and how data privacy compliance and information security can support and enable these
• Handling and responding to data subject rights requests (e.g., SARs, deletion requests, etc) within statutory timeframes, as well as other privacy-related queries, requests and complaints
• Compiling and maintaining our Record of Processing Activities (ROPA) and other compliance documentation to support our accountability obligations
• Completing Data Protection Impact Assessments and Legitimate Interests Assessments, and liaising with different stakeholders to obtain further information on data processing activities where necessary
• Providing advice and guidance from the business on data privacy queries
• Helping to develop, update and embed internal and external policies, guidelines, processes and practices relating to data privacy
• Assisting with the investigation and handling of personal data incidents, and associated record-keeping
• Assisting with the provision of internal data privacy training and communications, including supporting and working closely with data privacy champions across the business
• Monitoring the effectiveness of data privacy controls and processes, tracking key trends, and assisting with the preparation of reports for management
• Reviewing and completing supplier due diligence forms (and similar)
• Supporting the development and implementation of our information security programme and practices, including certifications (e.g. ISO27001)
• Supporting the wider Legal and Infosec team with ad-hoc tasks and project work from time to time

Preferred Qualifications

• Professional certification (e.g. IAPP CIPP or equivalent)
• Relevant experience within a tech or digital business
• US data privacy experience

Benefits

• Competitive salary
• Benefits
• Remote working