Data Protection Officer

Job Title: Data Protection Officer

Reporting To: Chief Financial Officer

Location: Wilmslow

Hours of Work: Full Time (will consider Part Time and Flexible Working)

Salary: Competitive


The Role

This position will be a critical role in complying with Citations obligations under the Data Protection Act 1998.  The candidate will be responsible for ensuring Citations readiness for the new legislation – General Data Protection Regulation (GDPR), and compliance with it post enforcement date (25th May 2018).  We’ve already done a lot of work, so you won’t need to start from scratch.  The role will also hold responsibility for compliance and maintenance of Citations ISO 9001 standard.

If you want a role that you can make your own, where you can make a real positive business impact and work for a Company full of great colleagues, then this could be the role for you.  Cultural fit is really important, we don’t want you to come in and scare us, we want someone with great influencing and commercial skills, who can not only help us ensure compliance but is savvy enough to drive through the business benefits of this role.

The Person

Regulatory Essentials (Article 39 GDPR):

  1. The Data Protection Officer shall be responsible for the following:
  • to inform and advise the Company (and employees who carry out processing) of its’ obligations pursuant to this Regulation and to other Union or Member State data protection provisions;
  • to monitor compliance with this Regulation, with other Union or Member State data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits;
  • to provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 35;
  • to cooperate with the supervisory authority;
  • to act as the contact point for the supervisory authority on issues relating to processing, including the prior consultation referred to in Article 36, and to consult, where appropriate, with regard to any other matter.
  1. The data protection officer shall in the performance of his or her tasks have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing.


The below list is not exhaustive and incorporates entities within the Citation Holdings Group:

  • Advise on compliance with the relevant National and European legislation
  • Create and maintain all data protection policies and procedures e.g. CCTV, Security, Call Recording, Subject Access Request, Data Retention – this list is not exhaustive
  • Provide operational information and guidance on the processing of personal data
  • Complete all Subject Access Requests (SAR)
  • Be the first point of contact for supervisory authorities and for individuals whose data is processed (employees, customers etc.)
  • Provide advice and support to the Executive and Operations Boards on any Data Protection related tasks/issues/projects
  • Define Group KPI’s for Data Protection adherence and provide MI to the Board’s
  • Work with the Product Team to develop DP products for market
  • Undertake all audits, impact assessments and health checks
  • Liaise with Information Security colleagues providing advice and input to any IS related tasks
  • Provide training to all members of the Citation Holdings Group
  • Management of Citation’s ISO 9001 certification – e.g. internal audits, management reviews
  • Works collaboratively with a range of people to support the wider business agenda
  • Proactively identifies areas for improvement, shares lessons learnt with colleagues and encourages others to do the same


Education & Experience:

  • Relevant Qualification e.g. Data Protection Practitioners’ Certificate
  • In-depth understanding of GDPR
  • Experience in managing ISO 9001 compliance – desirable
  • Knowledge of the B2B Business Consultancy sector – desirable


Pop in your details and we'll call you straight back

We'll get back to you as soon as we can.