Privacy and Customer Excellence Specialist

The Privacy and Customer Excellence Specialist is responsible for ensuring that Data Subject Requests (DSRs) are handled correctly, consistently, and efficiently across the group. This includes setting clear guidelines for how DSRs should be assessed, processed, documented, and answered in daily operations.

The role combines hands-on operational responsibility with group-wide ownership of DSR ways of working, ensuring alignment between legal requirements and practical execution across Operations, Legal, IT, and Credit Risk & Analytics.

Key Responsibilities

• Take overall responsibility for the day-to-day handling of DSRs across the group.

• Review incoming requests and ensure they are correctly classified and handled according to established guidelines.

• Ensure DSRs are answered within legal timelines and follow up on open or delayed cases.

• Handle complex, sensitive, or high-risk DSRs and act as an escalation point when needed.

• Develop, own, and maintain clear group-wide guidelines for how DSRs should be handled in practice.

• Define how different types of DSRs should be assessed, including scope, data sources, exemptions, and response structure.

• Ensure guidelines are practical, easy to follow, and aligned with both legal requirements and operational realities.

• Update guidelines when regulations, systems, or business processes change.

• Ensure guidelines are understood and applied consistently across teams and entities.

• Own the practical DSR processes and ensure they reflect the established guidelines.

• Identify gaps, risks, and inefficiencies in how DSRs are handled.

• Drive improvements to simplify workflows, reduce manual handling, and improve quality and consistency.

• Support standardisation across the group while allowing for local operational needs.

• Coordinate DSR handling between Operations, Legal, IT, and Credit Risk & Analytics.

• Ensure clear ownership and handovers between teams involved in data identification, extraction, review, and response.

• Act as a bridge between legal interpretation and operational execution.

• Follow up on dependencies to ensure timely and accurate delivery.

• Define operational and functional requirements for IT systems supporting DSR handling.

• Work with IT to improve data access, data extraction, and case handling tools.

• Translate legal and guideline requirements into concrete system and process needs.

• Participate in initiatives to automate or improve DSR handling where possible.

• Train employees on DSR guidelines, processes, and practical case handling.

• Provide ongoing support and guidance in daily DSR work.

• Act as a subject matter expert and point of contact for DSR-related questions.

• Ensure guidelines, processes, templates, and work instructions are documented and kept up to date.

• Maintain documentation and evidence demonstrating compliant DSR handling.

• Support Legal in audits, inspections, and regulatory inquiries related to DSRs.

• Ensure decisions in complex cases are properly documented and traceable.

Qualifications & Experience

• Relevant higher education (e.g. law, compliance, data protection, information security, business, or IT).

• Practical experience working with Data Subject Requests and data protection requirements.

• Experience from an operational compliance, legal, risk, or similar role.

• Experience working cross-functionally in a regulated environment.

Skills & Personal Attributes

• Fast learner with the ability to quickly understand systems, data flows, and processes.

• Hands-on, pragmatic, and solution-oriented.

• Structured, detail-oriented, and reliable.

• Comfortable taking ownership and driving work independently.

• Clear and confident communicator, able to explain guidelines and requirements in simple terms.

• Fluent in English, both written and spoken.

Nice to Have

• Experience developing operational guidelines or playbooks.

• Experience working with GDPR in a group-wide or international setup.

• Experience defining requirements towards IT or working with case management tools.

• Background from financial services, credit, or other regulated industries.

• Experience supporting audits or regulatory reviews.

• Additional language skills besides English.