Compliance & Privacy Specialist

We are seeking a proactive and detail-oriented Compliance & Privacy Specialist to join our iGaming business in Malta. This role will play a key part in supporting the company’s compliance framework, with a strong focus on data protection and privacy compliance, including DPIAs, TIAs, privacy risk assessments, and broader regulatory compliance obligations.

The successful candidate will support the business in ensuring compliance with applicable legal and regulatory requirements, including gaming, AML/CFT, Responsible Gambling, and data protection obligations, while helping to strengthen internal controls, governance, and compliance monitoring.

Key Responsibilities

• Support the business in maintaining compliance with applicable regulatory requirements, license conditions, and internal policies, including those issued by the MGA and other relevant authorities.
• Take an active role in the company’s privacy compliance framework, including:
  • preparing and reviewing Data Protection Impact Assessments (DPIAs);
  • conducting and documenting Transfer Impact Assessments (TIAs);
  • supporting privacy risk assessments for new systems, products, vendors, and processing activities.
  • assisting with records of processing and privacy governance documentation.
• Work closely with internal stakeholders on data protection matters, including product, operations, payments, CRM, customer support, security, and external suppliers.
• Assist with regulatory compliance monitoring and perform compliance checks across different operational areas.
• Conduct quality assurance reviews and identify control gaps, weaknesses, or breaches.
• Prepare remediation plans, corrective actions, and follow-up tracking to ensure timely resolution of identified issues.
• Support the handling of compliance-related customer complaints, queries, and internal escalations.
• Assist with internal policy reviews, regulatory gap analyses, and ad hoc compliance projects.
• Analyse and report compliance breaches, weaknesses, incidents, and improvement opportunities.
• Support awareness initiatives and help promote a strong culture of compliance and data protection across the business.

Requirements

• 2+ years’ experience in a Compliance, Privacy, Data Protection, or Regulatory Compliance role, ideally within iGaming or another regulated industry.
• Practical experience with GDPR compliance, including DPIAs, TIAs, privacy risk assessments, and general data protection governance.
• Good understanding of data privacy principles, lawful bases, international data transfers, vendor/privacy reviews, and accountability requirements.
• Experience within an iGaming company and knowledge of MGA requirements is strongly preferred.
• Working knowledge of AML/CFT and Responsible Gambling obligations would be considered an advantage.
• Strong analytical skills and attention to detail, with the ability to identify risks and propose practical solutions.
• Ability to manage multiple tasks, work independently, and build strong relationships with internal and external stakeholders.
• Excellent written and verbal communication skills in English.
• Professional certifications or training in privacy, compliance, AML, or data protection would be considered an asset.