Founded in 1856 by Thomas Burberry, Burberry is a global luxury brand with a distinctly British attitude. We are a global business with an extensive network of both owned and franchised stores across EMEIA, Asia Pacific and Americas.
We are digital pioneers, and innovative technology underpins every aspect of our business, from product design to distribution and marketing.
We believe that modern luxury means being socially and environmentally responsible; this mindset is core to our business and key to our long-term success.
Putting the customer’s first is at the heart of what we do, and that includes the way we handle customer and data. As part of an ambitious plan to develop a Centre of Excellence for Privacy, the Data Privacy Leads will be responsible for delivering innovative privacy programmes across Burberry’s global footprint.
Based in the Data Protection Office in Leeds and reporting to the Data Privacy Manager, the Data Privacy Leads will be central to responding to a dynamic privacy landscape and will rise to the challenge of working with key business areas in a fast-
paced, highly creative environment.
The Data Privacy Office is responsible for protecting our customer' and employee personal data through the delivery of a global data privacy programme, driving change and accountability across the business in order to protect Burberry’s brand and reputation, and maintain customer and employee trust.
Working closely with Burberry’s Privacy Lawyers, Data Champions and Data Stewards, the Data Privacy Lead roles provide an opportunity to develop expertise in the implementation of privacy legislation in a global retail context.
There will be three Data Privacy Leads operating in the team and between them, they will share the responsibilities below.
Each of the Data Privacy Leads will be expected to specialise and lead some of these areas on their own, as well as supporting a varied and multi-
disciplinary approach to data privacy :
Data Privacy Leads will be responsible for the following activities :
Records of Processing
Understand and document how the business handles personal data across all different business areas, including HR, Customer Services, Marketing and Digital
Supprting Data Stewards across the business to ensure the Records of Processing is updated.
Managing persnal data risks and the remediation activity
Working with other change governance teams across the Group to embed and operationalise the Change Management process.
Helping prject managers to complete, Privacy Impact Assessments, and advising on privacy by design requirements
Supporting specialist Privacy lawyers on change proposals.
Data Subject Requests
Working with data champions to respond to requests in their business area
Develop templates and tools to improve the process
Supporting specialist Privacy lawyers on complex request
Training and Awareness
Developing and delivering privacy-focussed face-to-face training to employees at all levels of the business
Work with business areas to understand their training needs
Develop engaging and innovative training materials and awareness campaigns
Monitor KPI’s and effectiveness measures and controls
Carry out effectiveness testing on data protection processes
Delivering privacy-focussed audit’s across business areas
Supprt the recording of incidents, requests, risk assessments
Prepare reports and metrics for managers
Prepare minutes and note taking in meetings
On-going administration of the programme and record keeping
SKILLS / COMPETENCIES
Self-motivated with a desire to help people, take the initiative and to add value.
Methodical and organised with an eye for detail.
Works co-operatively with others to achieve team objectives being collegial and collaborative, open and non-territorial.
Strong verbal and written communication skills, demonstrated in both day to day work and in formal meetings and reporting context.
Numerate. Able to manage spreadsheets and detail required for regular reporting.
Operates comfortably in an environment that is subject to frequent change.
A practical understanding of data protection law and practice, with relevant experience supporting a data protection programme.
Experience of working in a large organisation in the private sector
Experience supporting a major change or improvement programme.
Experience of working with an audit methodology
Experience of working to a regulator / compliance standard
A degree or similar professional qualification.
Experience of working in a centralised team, delivering data protection tools, training, and projects across several teams.
Recognised Data Protection / Internal Audit / Legal / IT security Qualification
Experience in a global business, ideally in a luxury brand or retail environment