Skip to main content
Job ID Location Work Location
2200ZS Reading Reading Office (GBM)
Job Type Contract Type Hours Per Week
Professional Full-time 37.5
Shift Pattern Closing Date
Standard Working Week N/A

Where possible we’re committed to flexible working and supporting our employees to have the right work life balance. Do however note, if you choose to apply for a different work location you will not have any eligibility for relocation support or travel allowances.


It is an amazing time to be joining Three; but for us to be the best and to continue on the road of success, we need the most excellent people to be joining our Team.
Reporting to the Data Protection Officer, the Compliance Lead – Data Protection will provide specialist, practical, regulatory guidance and support to ensure that Three has the right policies, processes, procedures and controls in place to operate in line with its legal and regulatory obligations under UK data protection laws and regulations.
“Our people truly make us who we are” You will hear this daily as the gratitude for each other is outstanding. To foster a high-performance people culture, we have a brand new office in Green Park, Reading, as well as offering flexible and hybrid working where possible, to ensure you have the right work life balance (we appreciate the post of Compliance Lead is a vital role to the business but we know the role is also demanding)
We’re looking for someone who has previous B2C experience and will not be fazed by working at a fast pace. If hold a CIPP qualification, even better! If you have experience in PECR – don’t hold back!

Please note this is a 12 month fixted term contract.

The role will:
• Work collaboratively with the data protection team, colleagues in Compliance, Legal and InfoSec as well as the wider business to ensure that legal and regulatory requirements / best practices relating to data protection laws and regulations are effectively identified and implemented
• Review / provide guidance on the development of compliance related policies, procedures, processes and controls to facilitate compliance with applicable laws and regulations
• Work closely with the wider Risk & Compliance team to provide holistic support to the business
• Facilitate the identification, investigation management and resolution of compliance related issues
• Prepare relevant compliance reporting to meet both internal and external regulatory requirements
• Engage with 1st / front line operational business teams to inform and advise 3UK and our employees about our obligations to comply with data protection laws and regulations
• Monitor compliance with the GDPR and other data protection laws, and with our data protection policies, including managing internal data protection activities and conducting compliance reviews
• Ensure that H3G UK remain properly registered under the law and maintains and active article 30 register of processing activities, driving audit and associated data management processes
• Manage data privacy breaches or near misses, support the identification of the root cause, mitigations and monitor implementation to prevent recurrence
• Work with the business to implement compliance with data protection laws and regulation into its transformation programme
• Oversee the subject access request process and individual rights, identify and evaluate our data processing activities

o Excellent understanding and knowledge of UK data protection legislation & regulatory regime, with a proven history of working in the field of data protection (including e.g. ISEB/CIPPE qualification)
o 3 + years of subject matter expertise in providing compliance support for data protection compliance including a proven track record in carrying out monitoring reviews
o Previous experience in a B2C environment with large customer data sets, including marketing
o Demonstrable experience in the application and implementation of Privacy by Design and Default, conducting Data Privacy Impact Assessments and independent assessment of data breaches
o Strong communication and interpersonal skills are essential; a people person skilled at building and maintaining relationships both internally and externally as well as managing key stakeholders
o Ability to work collaboratively with relevant stakeholders to plan, organise and prioritise activities to efficiently meet business objectives
o Work well under pressure, be flexible and comfortable with ambiguity and manage several tasks at the same time working to tight deadlines

• Preferred
o Degree qualified (preferably legal) and/or recognised data protection qualification.
o Proven track record in supporting a large-scale transformation in relation to data protection requirements

TTC Logo

Three are a proud signatory of the Tech Talent Charter (TTC), working across industries to drive greater inclusion and diversity in technology roles.

Can’t find the job you’re looking for?