Data Privacy Advisor

Department:  Finance
City:  Leeds
Location:  GB

Founded in 1856 by Thomas Burberry, Burberry is a global luxury brand with a distinctly British attitude. We are a global business with an extensive network of both owned and franchised stores across EMEIA, Asia Pacific and Americas. We are digital pioneers, and innovative technology underpins every aspect of our business, from product design to distribution and marketing. We believe that modern luxury means being socially and environmentally responsible; this mindset is core to our business and key to our long-term success.


Putting the customer’s first is at the heart of what we do, and that includes the way we handle customer and data. As part of an ambitious plan to develop a Centre of Excellence for Privacy, the Data Privacy Leads will be responsible for delivering innovative privacy programmes across Burberry’s global footprint. Based in the Data Protection Office in Leeds and reporting to the Data Privacy Manager, the Data Privacy Leads will be central to responding to a dynamic privacy landscape and will rise to the challenge of working with key business areas in a fast-paced, highly creative environment.




The Data Privacy Office is responsible for protecting our customer' and employee personal data through the delivery of a global data privacy programme, driving change and accountability across the business in order to protect Burberry’s brand and reputation, and maintain customer and employee trust. 

Working closely with Burberry’s Privacy Lawyers, Data Champions and Data Stewards, the Data Privacy Lead roles provide an opportunity to develop expertise in the implementation of privacy legislation in a global retail context.


There will be three Data Privacy Leads operating in the team and between them, they will share the responsibilities below.  Each of the Data Privacy Leads will be expected to specialise and lead some of these areas on their own, as well as supporting a varied and multi-disciplinary approach to data privacy: 


Data Privacy Leads will be responsible for the following activities:


Records of Processing

  • Understand and document how the business handles personal data across all different business areas, including HR, Customer Services, Marketing and Digital  
  • Supprting Data Stewards across the business to ensure the Records of Processing is updated.
  • Managing persnal data risks and the remediation activity


Change Management

  • Working with other change governance teams across the Group to embed and operationalise the Change Management process.
  • Helping prject managers to complete, Privacy Impact Assessments, and advising on privacy by design requirements
  • Supporting specialist Privacy lawyers on change proposals.

Data Subject Requests

  • Working with data champions to respond to requests in their business area
  • Develop templates and tools to improve the process
  • Supporting specialist Privacy lawyers on complex request

Training and Awareness

  • Developing and delivering privacy-focussed face-to-face training to employees at all levels of the business
  • Work with business areas to understand their training needs
  • Develop engaging and innovative training materials and awareness campaigns

Monitoring Compliance

  • Monitor KPI’s and effectiveness measures and controls
  • Carry out effectiveness testing on data protection processes
  • Delivering privacy-focussed audit’s across business areas

Operational Support

  • Supprt the recording of incidents, requests, risk assessments
  • Prepare reports and metrics for managers
  • Prepare minutes and note taking in meetings
  • On-going administration of the programme and record keeping




  • Self-motivated with a desire to help people, take the initiative and to add value.
  • Methodical and organised with an eye for detail.
  • Works co-operatively with others to achieve team objectives being collegial and collaborative, open and non-territorial.
  • Strong verbal and written communication skills, demonstrated in both day to day work and in formal meetings and reporting context.
  • Numerate. Able to manage spreadsheets and detail required for regular reporting.
  • Operates comfortably in an environment that is subject to frequent change.   


  • A practical understanding of data protection law and practice, with relevant experience supporting a data protection programme.
  • Experience supporting a major change or improvement programme.
  • A degree or similar professional qualification.



  • Experience of working in a centralised team, delivering data protection tools, training, and projects across several teams.
  • Experience of working with an audit methodology
  • Experience of working in a large organisation in the private sector
  • Experience of working to a regulator/compliance standard
  • Recognised Data Protection / Internal Audit / Legal / IT security Qualification
  • Experience in a global business, ideally in a luxury brand or retail environment 

Job Segment: Database, Compliance, Internal Audit, Change Management, Technology, Legal, Finance, Management