Associate Counsel, Privacy and Compliance, DataXu, Boston, MA

Data privacy lies at the core of DataXu’s commitment to delivering tailored ads to users without contravening a consumer’s rights to privacy and data security.  This role will be pivotal in the growth of the privacy compliance program and will interact with every business unit in the company serving to ensure that privacy is top of mind. 

This role would be the 3rd attorney to join DataXu, reporting directly to the VP of Legal and would interact with all levels of the business.  The legal team prides itself on being incredibly open, collegial and versatile.  The right candidate will be a true team player who loves innovating and working hard towards lofty goals.

On the Job:

  • Direct and manage the compliance issues involving online advertising, information security and data privacy.
    • Identify, develop and implement process improvements related to privacy issues.
  • Work with self-regulatory bodies to answer questions and assist in providing DataXu privacy POVs.
  • Work with law firms and attend conferences as needed to ensure ongoing compliance and privacy involvement on behalf of DataXu.
  • Serve as lead counsel in building General Data Protection Regulation (GDPR) planning and compliance.
    • Represent the privacy/legal team in product team meetings and ensure “privacy by design” principles.
  • Conduct privacy impact assessments of products, third parties/vendors (roughly 3-5 per month).
  • Work with legal and business units to amend contracts with Suppliers/Vendors to cover GDPR compliance requirements.
  • Implement and maintain a GDPR compliance tool covering PIA, Data Mapping/Processing Activities 
  • Develop and deliver data privacy and ad tech related educational and training materials and assist with training sessions.
  • Serve as an escalation point on privacy issues within contract negotiations.
  • Some domestic and international travel required to brief team members on privacy initiatives 
  • Serve as an internal project manager for legal initiatives across business.

 The Day to Day:

  • 30% Ensuring privacy by design and compliance within the product lifecycle.
  • 40% Building and maintaining the GDPR compliance program both within the legal team and other business units.
  • 10% Privacy related training, education and policy development.
  • 20% Being a versatile utility player!

 About You:

  • JD and 3-5 years’ experience handling privacy related legal issues.
  • CIPP/US certification or willingness to obtain it - DataXu would fund education and exams.
  • General corporate legal experience a plus but not required.

Application Submission Information: