Overview
B&M is one of the UK's fastest-growing retailers, and we're on an exciting journey to modernise how we manage both data protection and supplier compliance across our business. We're looking for a Data Protection & GSCOP Compliance Lead who's ready to roll up their sleeves and shape two critical areas of governance from the ground up.
Key responsibilities
* Lead the development and delivery of B&M's data protection strategy and GDPR-compliant governance frameworks.
* Oversee the transition from paper-based to digital information handling and embed privacy in all projects and initiatives.
* Act as a trusted advisor, providing clear guidance to senior leaders, managers, and frontline teams on data protection and supplier compliance.
* Conduct DPIAs, risk assessments, audits, and support incident response and investigations.
* Act as the designated GSCOP Code Compliance Officer, ensuring full adherence to the Groceries Supply Code of Practice.
* Manage the relationship with the Grocery Code Adjudicator (GCA), including attending meetings and preparing briefings and regulatory reports.
* Serve as the independent point of contact for suppliers on GSCOP matters and manage escalation processes transparently.
* Deliver training and awareness programmes to Buying and Commercial teams on GSCOP and compliance expectations.
* Maintain and update policies and procedures governing data protection and supplier relationships.
* Monitor compliance, investigate potential breaches, and report findings to senior management and, where required, the Groceries Code Adjudicator.
* Coordinate with Internal Audit, Legal, and external regulators to support reviews and provide assurance.
* Identify and mitigate risks in contracts, negotiations, promotions, and delistings to ensure fair treatment of suppliers.
* Work closely with ExCo, buying teams, and category managers to embed a culture of transparency, fairness, and compliance.
* Drive continuous improvement to strengthen supplier relationships, enhance governance, and support ethical, sustainable practices.
* Support organisational readiness for transition into the formal Data Protection Officer role.
To be successful in this role, you will have
* Experience in data protection, privacy, GDPR, information governance, or regulatory compliance—ideally within a complex retail or multi-site environment.
* Knowledge of GSCOP or regulatory frameworks governing supplier relationships (experience applying GSCOP in practice is highly advantageous).
* Hands‑on experience building governance frameworks, writing policies, and rolling out practical tools to operational teams.
* Ability to interpret complex regulations confidently and translate them into clear, business‑friendly guidance.
* Strong communication skills and a collaborative working style, with the ability to influence, educate, and support colleagues at all levels.
* A legal, compliance, or regulatory background is useful but not essential—expertise, confidence, and practical experience matter most.
* A proactive mindset and enthusiasm for shaping a new role, leading change, and building capability from the ground up.
Why join us?
This is a unique opportunity to shape a new function and play a critical role in the evolution of our store estate. You'll be joining at a pivotal time, with the scope to make a tangible impact on how our customers experience B&M.
We offer you a range of great benefits including discount in our stores, a colleague portal offering discount for numerous retailers, hospitality & much more! Check out our full benefits here - https://careers.bmstores.co.uk/our-bm-benefits/
B&M Retail are an equal opportunity employer. We are committed to creating an inclusive and diverse environment for all colleagues.
#LI-DNI
#J-18808-Ljbffr