EMEA Privacy Manager

IT & Technology London, England



Job Description


Operating Company


Job Title

Privacy Manager

Department / Team

EMEA Privacy Team

Reporting To

Privacy Programme Director



About GroupM


GroupM is the leading global media investment management operation serving as the parent company to WPP media agencies including Mindshare, MediaCom and Wavemaker, each global operations in their own right with leading market positions. GroupM’s primary purpose is to maximize performance of WPP’s media agencies by operating as leader and collaborator in trading, content creation, sports, digital, finance, proprietary tool development and other business-critical capabilities. GroupM’s focus is to deliver unrivalled marketplace advantage to its clients, stakeholders and people. Discover more about GroupM at www.groupm.com.


About the team and/or client


The role sits within the EMEA Privacy Team, who sit in the Global Legal Team.  The Privacy Manager directly reports to the Privacy Programme Director. 


The Role Objective


As EMEA Privacy Manager you will work closely with the Privacy Programme Director and the DPO to drive a privacy aware culture throughout the organisation.  You will be responsible for providing guidance to the business and coordinating workstreams under the privacy programme framework.


The purpose of the role is to organise and deliver on the privacy objectives of the EMEA Privacy Team.  It is important to be able to build trust and good professional relationships with key stakeholders and manage expectations whilst delivering projects on time.





  • Supply Chain Privacy Risk Management:

You will be supporting the roll out of the Privacy Vendor Risk Assessment programme across EMEA.  You will be responsible for checking individual vendor self-assessments, advising on any privacy risks identified, and offering local market support.  You will be able to offer training to markets on the privacy software and will be able to update and amend assessments where required. 


Managing DSARs

  • You will be responsible for responding to enquiries and complaints from data subjects, including requests by data subjects to exercise their rights under data protection law.  Under the direction of the DPO and Programme Director you will manage, DSARs received by GroupM & Group companies and maintain a record of these.




  • Company Privacy Risk Management:
  • Reviewing the current programme for HR, Admin & Finance, you will be able to advise on privacy related matters and ensure regular reviews are undertaken.  You will provide privacy training to enable each department to recognise the privacy related risks and responsibilities and will be able to offer best practice guidelines.
  • Education & Training: working closely with the Privacy Programme Director to promote a data protection culture within the Group. Devising and delivering relevant training and guidance notes to promote Privacy by Design across the Group.
  • Privacy Policies & Assessments: Working closely with the Privacy Programme Director to manage and maintain updates to Privacy Policies and other guidance notes as required.  To help evaluate privacy risks through Data Protection Impact Assessments and advise the business to help mitigate those risks and carry out and document Legitimate Interest Assessments where necessary.
  • General Privacy Support: coordinating responses to queries received through GDPR and privacy inboxes. Auditing the markets approach to the Group Privacy Programme and carrying out a Gap Analysis. Working in conjunction with the Privacy Programme Director to prove regular and ad hoc reports to senior management and other senior stakeholders on data protection matters.



Skills and Behaviours


  • Strong organisational and project management skills, and an organised structured approach to delivering projects on time is essential.
  • Strong written and oral communications skills.  The candidate must be comfortable communicating directly with senior management and other senior stakeholders.
  • Personable, approachable and keen.

Experience Required


  • CIPP/E or other industry recognised privacy or risk management qualification, preferred but not essential.
  • Project management qualification e.g. PRINCE2 would be beneficial.
    •          2 – 3 years managing a privacy programme in a large organisation.
  • Previous experience of managing data protection issues in the media or technology sectors is preferred.



GroupM is an equal opportunity employer. We view everyone as an individual and we understand that inclusion is more than just diversity – it’s about belonging. We celebrate the fact that everyone is unique and that’s what makes us so good at what we do. We pride ourselves on being a company that embraces difference and truly represents the global clients we work with.

If you need assistance or an accommodation due to a disability, please email us via TalentTeam.UK@GroupM.com.