Capital on Tap
Capital on Tap was founded to help small businesses that were underserved by traditional banks. We now provide a best‑in‑class business credit card, spend management platform, savings product and other financial tools that make running a small business easier.
Role Overview
The Data Protection Officer leads the Data Protection team, guiding technology, compliance and business enablement while ensuring full compliance with global data protection regulations.
What you’ll be doing
* Strategic Leadership: Serve as the primary data protection authority (designated DPO under Article 37 of the UK GDPR), providing guidance to senior leadership on privacy risks and opportunities.
* Business Enablement: Work with Product, Engineering, Marketing and Commercial teams to enable compliant pathways for new initiatives.
* Technology & Automation: Lead the implementation of AI technologies and automation tools to streamline data protection activities.
* Regulatory Compliance: Ensure compliance with UK GDPR, DPA 2018, PECR, DUAA, CCPA/CPRA and emerging regulations.
* Risk Management: Conduct and oversee DPIAs, manage data breach responses and implement privacy‑by‑design principles.
* Monitoring: Monitor and assess data processing activities, maintain the Record of Processing Activities.
* Stakeholder Management: Serve as primary contact for regulators, work with legal counsel and represent the company in privacy matters.
* Team Development: Build and lead a high‑performing data protection team.
* International Expansion: Support US operations and international growth by navigating cross‑border data transfer requirements.
* Vendor Management: Lead privacy due diligence for third‑party vendors and partnerships.
* Training & Culture: Drive privacy awareness through training programs and embed privacy considerations into business‑as‑usual processes.
Essential Requirements
* Deep Regulatory Expertise: Knowledge of UK data protection regulations (GDPR, DPA 2018, PECR, DUAA).
* FinTech/Tech Background: Experience in financial services or tech, understanding unique privacy challenges.
* Technical Fluency: Familiarity with data protection tools, privacy platforms and automation technologies.
* AI & Innovation: Willingness to adopt cutting‑edge AI technologies for privacy operations.
* Problem‑Solving Mindset: Pragmatic approach to complex privacy challenges.
* Urgency & Business Focus: Ability to work at pace in fast‑moving environments.
* Leadership Experience: Proven ability to lead cross‑functional initiatives and build teams.
* Strategic Thinking: Translate regulatory requirements into business strategy and anticipate future challenges.
Desirable
* Professional Qualifications: Data protection qualifications such as CIPP/E, CIPM, CIPT, C-DPO or a BCS certificate.
* US Privacy Expertise: Knowledge of CCPA/CPRA, state‑level US privacy laws and multi‑jurisdictional compliance.
* AI Governance Professional: AIGP certification is highly desirable.
* Regulatory Relationships: Existing relationships with privacy regulators or experience managing inquiries.
* International Experience: Experience with international data transfers and global privacy frameworks.
* Experience: Minimum 2 years acting in a DPO capacity within a financial services or technology organisation.
Diversity & Inclusion
We welcome, consider and encourage applications from anyone who shares our commitment to inclusivity.
Benefits
* Private Healthcare including dental and opticians through Vitality.
* Worldwide travel insurance through Vitality.
* Annual anniversary rewards (£250, £500, £750, 4‑week fully paid sabbatical).
* Salary sacrifice pension scheme up to 7% match.
* 28 days holiday plus bank holidays.
* Annual learning and wellbeing budget.
* Enhanced parental leave.
* Cycle to Work Scheme.
* Season ticket loan.
* Six free therapy sessions per year.
* Dog‑friendly office.
* Free drinks and snacks in office.
#J-18808-Ljbffr