We are seeking an experienced and highly motivated Data Protection Officer (DPO) to join a globally recognised transportation company. This pivotal role will be responsible for overseeing data protection practices and supporting the company’s risk management strategy. As DPO, you will ensure that the organisation is compliant with relevant data protection legislation and foster a culture of corporate risk management across all departments. You will also provide critical guidance and training to staff at all levels, helping the organisation to remain compliant with UK law enforcement requirements and internal policies. Key Responsibilities Advisory Role: Provide expert advice, guidance, and training across all business areas to ensure a consistent level of data protection compliance throughout the organisation. Compliance Monitoring: Regularly monitor and report on data protection compliance across the business, identifying areas for improvement and escalating issues as necessary. Data Rights Requests: Manage and respond to Information Rights requests, including Subject Access Requests (SARs), Objections, and Erasure requests, liaising with Data Subjects and third parties as needed. Processing Activities: Oversee and manage the register of processing activities and ensure its accuracy. Impact Assessments: Review and support the completion of Data Protection Impact Assessments (DPIAs) in accordance with UK-GDPR, ensuring that risks to personal data are identified and mitigated. Data Sharing: Review and make recommendations regarding Data Sharing Agreements, ensuring compliance with relevant data protection legislation. Data Breach Management: Act as the first point of contact for data breaches, conducting investigations and liaising with Supervisory Authorities as required. Person Specification Extensive Knowledge: In-depth professional knowledge of the Data Protection Act 2018, UK-GDPR, and relevant privacy legislation Risk Management Expertise: Strong understanding of Risk Management principles Data Protection Experience: Proven experience managing personal data requests and handling information in line with data protection laws. Independent Judgement: Demonstrated ability to act independently, applying professional judgement in line with legislation, policies, and procedures. Reporting and Training: Experience in preparing reports, making recommendations to improve data protection processes, and delivering training to staff on data protection and risk management practices. Relationship Building: Strong interpersonal skills, with the ability to build effective relationships with stakeholders at all levels, both internally and externally. Political Awareness: Some political awareness, with the ability to anticipate and manage stakeholder or political responses in the course of carrying out responsibilities.