To support the Data Protection Manager in ensuring compliance with UK GDPR, the Data Protection Act 2018, and internal data protection policies and procedures. The role focuses on supporting data protection operations, responding to data subject enquiries, maintaining accurate records, and assisting with incident management.
Key Responsibilities
Data Subject Enquiries and Risk Resolution
Act as a point of contact for Subject Access Requests (SARs) and related data subject enquiries.
Log, track and support responses to SARs and rights requests within statutory timeframes.
Assist in collating information and maintaining accurate records relating to requests and disclosures.
Support the resolution of enquiries promptly and professionally to minimise regulatory and reputational risk.
Escalate complex or high-risk matters where appropriate.
Compliance Support
Assist in maintaining data protection policies, procedures, templates and documentation.
Support monitoring and reporting activities relating to organisational compliance with UK GDPR and internal requirements.
Maintain data protection registers, logs and audit records.
Assist with internal reviews, reporting and compliance checks where required.
Operational Support and Flexibility
Provide some weekend cover availability to support operational continuity and urgent enquiries.
Provide cover for Incident Reviewers where required during periods of absence or increased demand.
Support the wider compliance and incident review function as required.
General Administration
Provide administrative support to the Data Protection Manager and wider compliance team.
Maintain organised and accurate electronic records and filing systems.
Skills & Experience
Essential
Strong organisational skills and attention to detail.
Ability to handle confidential and sensitive information appropriately.
Good written and verbal communication skills.
Competent IT skills, including spreadsheets and Microsoft Office applications.
Ability to manage workload effectively and prioritise tasks.
Desirable
Understanding of UK GDPR and the Data Protection Act 2018.
Previous experience in a data protection, compliance or administrative role.
Knowledge of Subject Access Request (SAR) processes.
Experience handling sensitive customer or compliance-related enquiries.
Experience working within a regulated or operational environment.
Personal Attributes
Detail-oriented and methodical.
Reliable, professional and discreet.
Proactive and well organised.
Calm under pressure and able to manage sensitive situations appropriately.
Able to work independently and as part of a team.
Success Measures
Timely and accurate handling of SARs and data subject enquiries.
Effective maintenance of data protection documentation and records.
Positive contribution to overall GDPR compliance and operational effectiveness.
