LHV Bank, a fully licensed UK bank, specialises in Banking Services for global fintechs and SME Lending solutions for UK businesses. The SME Lending division offers commercial real estate investment loans and trading loans from £0.5m to small and medium-sized businesses in the UK.
As a leading Banking Services provider, LHV Bank delivers a wide range of services, including real-time multi-currency payments, accounts, acquiring, indirect scheme access, open banking, and FX solutions. Over 200 renowned fintech companies, such as Airwallex, Currencycloud, Truelayer, and Wise, utilise LHV Bank to serve more than 10 million end customers and access a pool of 500 million potential customers across the UK and Europe.
LHV Bank gained its UK banking licence in May 2023 and launched into the retail savings market through deposit aggregators in August 2023. It is in the process of developing its direct to customer retail banking proposition for launch in 2024. More information: lhv.com
We are looking for a Data Protection Officer to join our team in London. The role will report into the Chief Compliance Officer and work closely with the Head of Information Security, Data Protection Champions and other key stakeholders to meet LHV Bank’s data protection and data processing requirements. The DPO will have direct responsibility to the Bank’s Board of Directors for data protection and must ensure that good governance, oversight and reporting is in place.
Responsibilities:
* Act as DPO to meet LHV Bank Limited’s obligations under the UK Data Protection Act 2018, and support the bank in meeting its European Union (EU) General Data Protection Regulation (GDPR) data processing requirements for AS LHV Pank.
* Monitor compliance and data practices internally to ensure the business and its functions comply with the applicable requirements under UK and EU GDPR.
* Provide advice and guidance to business function colleagues, create and maintain policies and procedures, raise awareness of data protection issues, conduct staff training, and ensure monitoring and internal audit activity is in place.
* Advise on and monitor data protection impact assessments, as completed by business functions.
* Be the first point of contact for the Information Commissioner’s Office (ICO) and individuals whose data is processed by the bank.
Policy and Procedures:
* Implement measures and a privacy governance framework to manage personal data in compliance with UK and EU GDPR. Work with relevant functions to develop templates for data collection, assist with data mapping, and conduct vendor management reviews.
* Maintain Records of Processing Activity (ROPA) and assessment of lawful basis, data breach assessments, and final DPIA records in conjunction with business functions.
* Support business functions with the development of relevant procedures, ensuring Consumer Duty obligations are taken into account.
* Review projects and related data to ensure compliance with local data privacy laws, providing advice on, and reviewing privacy impact assessments where necessary.
* Assist in reviewing and updating privacy notices, controller-processor contracts, data mapping, and privacy by design and default practices.
* Serve as the primary point of contact for queries in the business.
* Collaborate with Legal and Information Security in relation to vendor contracts and consents needed to implement projects and change initiatives.
* Support with data-related complaint management, subject access requests, notifications, claims and ensure retention of appropriate records.
* Monitor changes to local privacy laws and industry standards, leveraging the Bank’s existing horizon scanning framework. Make recommendations for relevant updates to practices.
Training and Awareness:
* Develop strategies and initiatives to raise awareness of data protection requirements.
* Develop and deliver privacy training to various business functions.
* Collaborate with the Information Security function to raise employee awareness of data privacy and security issues.
* Support data champions in the development of expertise.
Reviews and Investigations:
* Investigate data protection issues and/or breaches when necessary, assessing whether external reporting is required, and the actions required to address any issues.
* Work closely with Compliance Monitoring, Risk Management, and Internal Audit to ensure coordinated assurance in place to provide effective oversight of data protection.
Governance:
* Participate in relevant Bank forums and committees, ensuring data protection matters are considered and reported accurately.
* Provide reporting to Group and AS LHV Pank, as needed, including through the Intra-Group Agreement for the services provided by LHV Bank Limited to AS LHV Pank.
* Ensure relevant Board members are aware of potential issues, escalating directly where necessary.
Skills & Experience:
* Hold at least one Data Protection and/or Privacy certification, such as CIPP, CIPT, C-DPO.
* Experience in UK and EU GDPR, ideally within a retail banking environment.
* Ideally operated at DPO level or looking for the next move to DPO.
* Sound knowledge of best practice data protection and privacy frameworks, policies, and methodologies.
* Good knowledge of information technology and data management systems.
* Strong report- and policy/procedure-writing experience.
* Highly motivated individual capable of working on own initiative.
* Strong stakeholder and interpersonal skills, including collaboration.
* Excellent attention to detail.
* Ability to identify risks and implement solutions to mitigate those risks.
* Ability to challenge constructively and enforce appropriate boundaries.
* Accountable for own decisions and actions whilst respectful of the professional responsibilities of others.
* Ability to handle confidential and sensitive information with appropriate discretion.
Some of our benefits:
* Competitive salary & progression
* Open and inclusive culture
* Hybrid working
* Fantastic offices and great working environment
* Vitality Health Plan (includes private health insurance, travel insurance, gym discounts)
* Medicash health plan (Level 3)
* 5% employer pension contribution
* Life assurance
* Income protection insurance
* 28 days holiday plus 3 additional days, bank holidays & further days for various key life events
* Team socials
#J-18808-Ljbffr