Data Protection Officer (DPO)

London, England, United Kingdom Full-time

What will you do at OYO? 


The successful candidate will be part of the legal team, and will report to the Legal Director.


Key responsibilities will include:


  • Reviewing and monitoring OYO’s compliance with domestic and European Data Protection legislation, and ensuring that future changes in legislation are incorporated into OYO’s data protection framework;


  • Dealing with all Subject Access Requests, and identifying and mitigating any areas at risk of data breach;


  • Working with OYO’s internal teams to further integrate ‘privacy by design’ and other data protection principles into OYO products and decision-making framework.


  • Working closely with the Marketing, Technical, Legal, Operations and HR teams to improve policies and procedures and implement company-wide training where required.


What you will bring to OYO?


  • A certified data practitioner with a minimum of 4 years’ experience of data compliance;


  • Experience within a reputable multi-site hotel, restaurant, gym or retail company with an international presence would be advantageous;


  • A good understanding of the GDPR, Data Protection Act 2018, Privacy and Electronic Communications Regulations (PECR) and other applicable UK and European data protection laws and regulations is essential;


  • Strong Technical experience and an ability to understanding international data flows and security and encryption requirements, and a good understanding ISO 27001 and how those fit into the data protection scheme.

Good academic background and analytical skills, commercial awareness and an ability to work at pace.


We are an equal opportunity employer and all applicants will receive consideration for employment without regard to any characteristic protected by law.