Working hours: 35 hours per week, Monday to Friday Duration: Permanent Location: Gloucester - Hybrid Job ref: 203639 About the role Ecclesiastical Insurance, who are proudly part of Benefact Group are looking for a Head of Group Data Protection to join our Gloucester office. As Head of Group Data Protection, you will be responsible for ensuring that Ecclesiastical Insurance Office meets all obligations under GDPR and other applicable Data Protection legislation, providing practical guidance and executing outcomes to compliance requirements. This is a hands-on role that provides plain English solutions to this complex area. Joining our rapidly expanding and innovative Group presents a fantastic opportunity to develop your career and become an integral part of an inclusive, purpose-led organisation. Key responsibilities Responsible for driving compliance and data practices internally to ensure the business and its functions comply with the applicable requirements under the UK GDPR and other relevant legislation. Accountable for the Ecclesiastical Group’s privacy governance framework, including risk management, developing compliance templates for data collection activities, advising on and assisting with data mapping, the maintenance of Ecclesiastical’s records of data processing and the appropriate undertaking of vendor management reviews and internal and external audit activities. Accountable for the development and implementation of the organisation's data protection risk strategy and maturity framework. Serving as the primary point of contact for data protection queries in the business and working with key internal stakeholders in the review of operations and projects and related data processing to ensure compliance with data privacy laws, and where necessary, advising on and monitoring data protection privacy impact assessments. Accountable for the delivery of data privacy advice and guidance to the business on a full range of data privacy matters, including regulatory compliance, privacy impact assessments, privacy notices, data subject rights requests, contract remediation, GDPR compliance, data protection by design, international data transfers, data breach incident investigation and notification. Overseeing the reviews of vendor contracts (including relevant standard contractual clauses for international data transfers) and other third-party data processing and data sharing arrangements in collaboration with other internal corporate service functions. Collaborating with Group Technology to ensure that Ecclesiastical’s IT systems and procedures comply with all relevant data privacy and protection law, regulation and policy (including in relation to anonymisation techniques, and retention and destruction of data). Collaborating with the Information Security function to maintain records of all data assets and exports and maintaining a personal data security incident management plan to ensure timely remediation of incidents impacting personal data including impact assessments, breach response, complaints, claims or notifications. Accountable for the development of Ecclesiastical’s privacy training and awareness strategy for business functions and collaborating with the Information Security function(s) to raise employee awareness data privacy and security issues. Accountable for the delivery of advice on and formal responses to data subject rights requests, including data subject access requests (DSARs) and other requests from individuals to ensure these are appropriately responded to within required time-limits. Overseeing the Data Protection team’s work, as well as providing guidance and direction to the team. Knowledge, skills and experience Excellent understanding of GDPR and other relevant data protection regulations. Reasonable amount of experience working in data protection in an advisory and hands-on capacity. A professional certification in data protection (e.g. CIPP/E, CIPM, CIPT) is preferred. Understands the need to offer solutions that are fit for purpose for the needs of our commercial environment and our customers, whilst also working within the relevant frameworks in which we operate. Has a pragmatic approach to avoid over-complication of methodologies and approaches. Communicates clearly and concisely, adjusting the content and delivery according to the needs of the audience. Collaborates and engages with stakeholders and colleagues to build and maintain good working relationships and share knowledge. What we offer A competitive salary - let's discuss it Hybrid working Group Personal Pension - up to 12% employer contribution Generous annual bonus scheme up to 40% 30 days annual leave plus bank holidays, and a holiday buy and sell scheme A range of health and wellbeing benefits, including private healthcare, income protection and life assurance Up to £400 annual personal grant to a charity of your choice Encouraged to take at least one volunteering day per year Employee Assistance Programme Full study support to gain professional qualifications Access to virtual GP Enhanced maternity and paternity pay About us Ecclesiastical Insurance offer insurance with award-winning service across a broad range of specialisms, including faith, charity, heritage, education, art and private client, real estate and schemes, across Ireland, Canada and the UK. As a business, we’ve been trusted to protect some of the UK’s best-loved and most iconic buildings for over a century, and we’re not standing still. We’re a forward thinking, energetic organisation entering new markets, with an ambition to double our size, because when we grow, we give back more. Benefact Group is a unique international financial services Group made up of over 30 businesses. We are owned by a charity and are currently the UK’s 3rd largest corporate donor, having given away £200 million since 2016. We have ambitious plans to become the UK’s number one corporate donor, with strategic objectives in place to double the Group’s size. We believe it’s essential to attract, empower, grow and reward talented people, offering fantastic opportunities for career and personal development. Our giving ethos, 135-year history and the diversity of what we do, has enabled us to build a culture of kindness, great ambition, and of passionate people driven to do better and be better. At Benefact Group, we are committed to creating an inclusive culture and building an environment where each and every one of us feels valued and respected. We are a community made up of people with a range of different backgrounds, abilities, perspectives, beliefs and interests and we value the strength this brings to us as a Group. We welcome applications from everyone. If you need any additional support during the recruitment process, then please let us know.