Skip to content


Job Description

You will support the Head of Data Protection & Privacy to ensure the Company’s compliance with the following:

  • The General Data Protection Regulation (GDPR).
  • The Data Protection Act 2018.
  • Privacy and Electronic Communications Regulations (PECR).


What skills/experience do I need to be successful?

  • Ability to review and interpret legislation in order to establish the data privacy obligations which are relevant to the Company’s activities;
  • Contractual review experience;
  • Experienced in the application of “best practice” to data privacy procedures using a “risk based” approach;
  • Meeting management and presentation skills;
  • Experience of carrying out Data Privacy audits and gap analysis;
  • Thorough knowledge and understanding of the General Data Protection Regulation (GDPR) and Data Protection Act 2018.


How will I spend my time in this role?

  • Act as a supporting contact point alongside the Head of Data Protection & Privacy, and Senior Data Protection Analyst;
  • Providing support for maintaining and updating the Company’s Data Privacy Policy, Internal Privacy Notice, External Privacy Notice, Record of Processing Activities (ROPA) and the Data Retention Policy;
  • Support with ongoing review of the Company’s data processing activities and compliance with data privacy requirements and, in that context, identify the critical matters requiring compliance focus;
  • Support with developing and documenting Training materials, policies, procedures and guidance to assist compliance within the business;
  • Support with the communication of ongoing compliance requirements to the relevant stakeholders at SmartestEnergy Limited, escalating any issues to the Head of Industry Regulatory Risk along with a remediation plan;
  • Support with the facilitation of implementation of “privacy by design” into systems and processes and provide expert support and guidance on such matters;
  • Support with ensuring that annual GDPR training is provided to all staff;
  • Support with maintaining and updating the Company’s Record of Processing Activities (ROPA) as required under Article 30 of the GDPR;
  • Engage with the business to ensure robust and timely completion of Data Privacy Impact Assessments (DPIA), Legitimate Interest Assessments (LIA), Contract reviews, Data Protection Agreement reviews and Data Privacy risk assessments;
  • Supporting the Head of Data Protection & Privacy with liaison with legal counsel to ensure contracts with customers and third parties have the relevant data protection clauses, where required;
  • Maintain and manage the procedure for reporting of Personal Data Breaches, escalating to the Head of Data Protection & Privacy as appropriate;
  • Support with the procedure for Data Subject Access Requests (DSARs);
  • Work closely with the Company’s Information Security Officer (ISO) to align IT Security systems, processes, and procedures with data privacy obligations;
  • Work closely with IT, Marketing and HR functions to ensure that best practice is operating in departments that process sensitive personal data;
  • Liaise with business and provide information with regard to Data Privacy compliance, as required from time to time, for Company audits.


What else do we offer?

  • The opportunity to work from anywhere in the world for up to 30 days a year;
  • A genuine commitment to smarter working – we recognise your work/life balance matters;
  • Paid time off to volunteer in your community;
  • Excellent benefits package including private medical insurance/dental cover and 10% non-contributory pension from month three;

Check out all our benefits here


What happens next?

Once we receive your CV it will be reviewed by a human– no bots here!

The average process once we receive your application takes around 2-3 weeks with typically 2 stages of video interviews using Teams – however this can change depending on the role (we may invite you to see us face to face or just need 1 video interview).

If you need any support you can see who to contact in our Recruitment Team on the advert – any questions please just let us know.


Get to know us better….

The future of energy is digitised, decarbonised and localised. At Smartest Energy, we need revolutionary thinkers to help our customers make the most of this new landscape, thinking differently to find smart solutions to complex problems.

Formed in 2001, we’re an agile business driven by entrepreneurial thinking. As a subsidiary of the Marubeni Corporation, we also have strong investment and infrastructure behind us. We have three offices in the UK, one in the US and another in Australia. Further expansion is planned for 2024 and beyond which means global career opportunities for you, with plenty of potential to explore new markets.

When you join our Team, you will have the opportunity to contribute and make an impact every single day.



Celebrating our inclusive and diverse culture is core to what we do. We value everybody irrespective of background, disability, religion, gender identity, sexuality or ethnicity.

We know that for our business to thrive we need diverse talent with a range of backgrounds, skills and capabilities in each of the countries in which we operate. We view diversity as one of the key enablers that helps our business to grow.

To apply for this job please visit