Global Deputy DPO

WHO WE ARE
At Trustly, we're building a smarter, faster, and more secure financial future by revolutionizing the world of payments. As a global leader in Open Banking Payments, we are establishing Pay by Bank as the new standard at checkout, providing unparalleled freedom, speed, and ease to millions of consumers and merchants worldwide.

Our Ambition: To build the world’s most disruptive payment network and redefine what the payment experience should feel like.

Trustly is a global team of innovators, collaborators, and doers.  If you are driven by a strong sense of purpose and thrive in a dynamic, entrepreneurial, and high-growth environment, join us and be part of a team that’s transforming the way the world pays.

What you'll do

• Contribute to the design and development, and lead the implementation of Trustly's global privacy operations framework, including, procedures, standards, and controls across all jurisdictions in which Trustly operates.


• Support the Global DPO in the performance of all statutory and regulatory obligations under the UK GDPR, EU GDPR, and applicable US privacy laws, acting as a formal deputy and standing in for the DPO in their absence.


• In collaboration with the Global DPO, manage engagements with privacy regulators worldwide.


• Maintain and enhance a robust Records of Processing Activities.


• Manage and continuously improve processes for handling data subject rights requests, data breach notifications, and regulatory enquiries in line with applicable legal deadlines.


• Partner with engineering, security and data teams to embed privacy by design principles.


• Drive the rollout and ongoing improvement of privacy training and awareness programmes across Trustly's global workforce.


• Manage and continuously mature Trustly’s global privacy risk register and contribute to accompanying reports to relevant committees, boards and external bodies.


• Collaborate closely with the Global Privacy & DPO team to ensure alignment on privacy strategies, share best practices, and coordinate cross-regional privacy initiatives.


• Monitor the evolving global regulatory landscape and ensure Trustly's privacy framework remains current, compliant, and fit for purpose as the business scales.

• You have 7-10 years experience in privacy, with substantial experience in a senior in-house privacy role with direct responsibility for privacy operations rather than purely advisory or counsel functions.


• Law degree (LLB, LLM, or equivalent) and qualified solicitor, barrister, or equivalent legal qualification in an EU member state or the UK is strongly preferred but not essential; what matters most is your demonstrable understanding and application of complex UK GDPR, EU GDPR, and US privacy laws (including CCPA/CPRA and other relevant state legislation).


• You are proactive, solutions-oriented, and energised by the challenge of building something meaningful - you do not wait to be told what needs to be done.


• You hold a recognised data protection qualification (such as CIPP/E, CIPM, or equivalent) and have a thorough, practical understanding of the UK GDPR, EU GDPR, and US privacy laws (including CCPA/CPRA and other relevant state legislation).


• You have demonstrable, hands-on experience in building out and scaling global privacy programmes, processes, and governance frameworks from the ground up - not simply maintaining inherited structures.


• You are comfortable operating as a formal Deputy DPO and understand the legal obligations, accountability requirements, and regulatory expectations that come with that designation.


• You bring strong operational instincts alongside your legal knowledge - you can translate complex regulatory requirements into practical, workable processes for a fast-moving business.


• You have strong experience managing cross-functional stakeholder relationships and are confident advising and influencing at all levels, including senior leadership and C-suite.


• Experience in FinTech, payments, or regulated financial services is highly desirable but not strictly essential; what matters most is your demonstrable ability to apply rigorous privacy expertise to a complex, fast-scaling and tech environment.


• Willingness to work flexible hours to collaborate with global privacy team members across different time zones and travel occasionally for meetings.

This listing is from ats_lever. View original listing ↗