Head of Data Protection & Compliance
Based in Leeds, Dublin or Malta.
Your team
Forming part of the Flutter UKI Data Compliance & Governance department and reporting into the Data Protection Officer, the Head of Data Protection & Compliance will lead the day-to-day management, including oversight of the Operations,and Strategy & Assurance teams and of the relevant frameworks and operations. They will act as Deputy DPO, being Flutter UKI’s go-to senior subject matter authority in the areas of DP, privacy, AI and other data-specific compliance matters.
The individual will be expected to drive a best practise data compliance culture across Flutter UKI that results in industry-leading practices, efficiencies, accountability and internal customer trust in our compliance posture and data management.
What you’ll do
1. Leading the day-to-day activities of the Office, in its role as a second line of defence office within the Risk & Legal function. This includes overseeing the office’s personnel, budgets, technology/tooling and day-to-day operational activities .
2. Driving a culture of ownership through the management of the network of accountable data and technology owners, and their stewards, across the business.
3. Providing professional data protection, privacy and AI compliance advice and support to the UKI Division as a proactive and approachable SME.
4. Collaborating with key business partners within Flutter UKI to drive compliance, particularly with data governance, data management, security, and product partners to align and harmonise frameworks and controls.
5. Being responsible for and leading key DP and AI related programmes and projects.
6. Assisting the DPO & DGO as the need arises with strategy and leadership.
7. Overseeing the Operations and Strategy Assurance teams work, providing guidance and direction to the team.
How you’ll do it
8. An experienced professional with confirmed experience in DP, privacy andAI ethics/complianceDG, ideally having held senior DP/privacy manager or deputy DPO role(s) in similar organisation or held previous DPO role(s) in a slightly smaller organisation.
9. Consistent track record of leading and delivering data protection and privacy programs and frameworks within in a similar type of business and high reaching commercial environment.
10. Expertise in implementing and maintaining enterprise-grade DP and privacy management software platforms.
11. People and team management experience.
12. Experience working cross-functionally with all levels of management.
13. Industry-recognised professional qualifications (e.g. IAPP CIPP/e, CIPM, CIPT, etc.)
14. Deep understanding of privacy by design within technology, in particular areas of digital advertising and marketing (adtech), B2C customer management, analytics & data science, and workplace technology.
About Flutter UK & Ireland
Extraordinary starts here.
Flutter UK & Ireland unites a dozen brands, hundreds of teams and thousands of colleagues who create trusted entertainment for millions of customers every week.
With the likes of Paddy Power, Betfair and Sky Betting & Gaming in the fold, we’re the largest division of global entertainment giant Flutter and boast some of the most popular apps and games in UK and Ireland markets.
At Flutter UK&I, we can guarantee you that no two days will ever be the same — and you’ll have the chance to make a difference to your career, the industry, and your amazing colleagues.
What we’ll offer you
15. £1,000 learning fund
16. Uncapped leave
17. Twice-yearly bonus (with part of it guaranteed!)
18. Pension contribution scheme
19. Private healthcare
20. Flexible ways of working – home or office, it’s your choice!
21. Access to thousands of Udemy courses
22. Invest via the Company Sharesave Scheme
23. 16 hours paid volunteering time per year.
We’re working to be an inclusive employer, and we encourage people from all backgrounds, ways of thinking and working to apply. Everyone brings different perspectives and experiences; you don't have to meet all the requirements listed to apply for this role.
If you need any adjustments to make this role work for you let us know, and we’ll see how we can accommodate them.
Accountabilities
The individual is accountable for leading UKI’s data compliance capabilities and business units, primarily in the areas of data protection (“DP”) and artificial intelligence (“AI”) compliance. This includes:
24. Managing the day-to-day activities of the Flutter UKI Data Protection & Compliance Office, in its role as a second line of defence office as part of the Risk & Legal function within Flutter UKI. This includes management of the Office’s personnel, budgets, technology/tooling and day-to-day operational activities .
25. Driving a culture of ownership and accountability through the management of the network of accountable data and technology owners, and their stewards, across the business.
26. Horizon scanning to stay abreast of the latest changes in data-specific legislation, compliance, legal rulings, regulator decisions & guidance, and industry standards, ensuring that our Flutter UKI DP, AI and other data compliance frameworks cover all relevant obligations and are positioned as best in class amongst our competitors;
27. Providing professional data protection, privacy and AI compliance advice and support to the Flutter UKI Division as a proactive and approachable subject matter expert.
28. Collaborating with key business partners within Flutter UKI to drive compliance, particularly with data governance, data management, security and product stakeholders to align and harmonise frameworks and controls.
29. Overseeing and managing key DP and AI related programmes and projects.
30. Assisting the DPO & DGO as required, including but not limited to: DP and AI compliance strategy and leadership within UKI, in accordance with our data compliance obligations, risk appetite and commercial strategy and objectives ; UKI’s DP and AI compliance framework design, development, delivery, maintenance and/or assurance, to facilitate Flutter UKI’s implementation of robust controls and practices that directly improve our ability to meet compliance obligations, reduce risks and deliver commercial objectives. Reporting to senior management on key DP and AI matters;Acting as a point of contact for Flutter UKI brands and liaising with data protection and related regulators ;Chairing and managing DP and/or AI related committees and working groups, and representing the DP and AI interests in cross departmental committees and/or forums.
31. Overseeing the Data Protection & Compliance Strategy & Assurance team’s work, as well as providing guidance and direction to the team. This includes, but is not limited to, oversight of the Strategy & Assurance team’s work on : Monitoring and research of legislative developments, regulator guidance and decisions, case law, external and internal business environment to ensure that the Flutter UKI Data Protection and AI frameworks align with all legal requirements and industry best practice;Working with colleagues in other Flutter Divisions to enable the development of global frameworks, standards, knowledge transfer and best practice .Creating, maintaining, refining and obtaining assurance of implementation of data protection, privacy and AI policies, standards, procedures and related documentation .Ongoing assurance, through metrics and measurement, on policy and standards implementation.Development and delivery of DP training and awareness programs across the business. Monitoring DP, AI and data compliance risks at enterprise and operational levels, and escalating and reporting on same as required.
32. Overseeing the Data Protection & Compliance Operations team’s work, as well as providing guidance and direction to the team. This includes, but is not limited to, being an escalation point and providing guidance on :Data protection ( DPIAs ) and AI risk assessments ; Data sharing relationships, contractual clauses and international transfer arrangements and risk assessments; Data subject rights ;Personal data breaches ; Cookies, e-privacy, adtech, and marketing compliance ;Other data protection, privacy and AI queries, risks and issues.