Footasylum logo

Data Protection Officer

Footasylum
3 hours ago
Full-time
On-site
Rochdale, England, United Kingdom
Data Protection

Description

Footasylum is a leading UK-based retailer specialising in streetwear and sportswear, committed to delivering innovative and trend-setting products to our customers, with a strong focus on digital transformation and data-driven decision-making.

The Data Protection Officer (DPO) will be responsible for overseeing and ensuring compliance with the UK GDPR, the Data Protection Act 2018, and other applicable privacy and data protection legislation within a Retail Fashion environment. Reporting directly to Legal Counsel, the DPO will act independently, providing expert advice on data protection risks arising from customer, employee, supplier, e‑commerce, loyalty, and marketing data processing activities. The role will act as the primary point of contact for the Information Commissioner’s Office (ICO) and data subjects.

Responsibilities

Governance & Compliance

  • Ensure ongoing compliance with UK GDPR, the Data Protection Act 2018, and other applicable privacy legislation.

  • Monitor and report on compliance risk, breaches and compile internal data protection policies.

  • Develop, implement, and maintain Footasylum’s data protection policies, procedures, standards, and guidance including stores, online platforms, and head office operations.

  • Maintain accurate Records of Processing Activities (RoPA), including customer, marketing, supplier, and workforce data.

  • Monitor regulatory developments and advise the business on their impact.

Retail & Commercial Advisory

  • Provide specialist data protection advice relating to:

    • Customer and loyalty programmes

    • E‑commerce and digital platforms

    • Marketing, CRM, and profiling activities

    • CCTV and in‑store technologies

    • Workforce and HR data

  • Advise on privacy by design and by default for new retail initiatives, store rollouts, system changes, and third party integrations.

  • Support Legal Counsel with data protection matters, including contracts, supplier risk, and data processing agreements.

Risk Management & Assurance

  • Lead and review Data Protection Impact Assessments (DPIAs) where required.

  • Conduct audits, compliance reviews, and risk assessments across retail, head office, and digital operations.

  • Identify data protection risks and recommend practical, commercially aligned mitigation actions.

Incident & Breach Management

  • Lead the management of personal data breaches, including investigation, documentation, and notification to the ICO where required.

  • Act as a key advisor during incidents, ensuring timely, compliant, and proportionate responses.

  • Oversee post incident reviews and improvements.

Training & Awareness

  • Design and deliver data protection training programmes for retail, head office, and digital teams.

  • Promote a strong data protection culture across the organisation.

Stakeholder & Regulator Engagement

  • Act as the primary contact for the ICO and other relevant authorities.

  • Manage and oversee responses to Data Subject Access Requests (DSARs), complaints, and regulatory enquiries.

  • Work closely with IT, HR, Marketing, E‑commerce, and Procurement teams.

Skills/Experience

Essential

  • Strong working knowledge of UK GDPR and the Data Protection Act 2018.

  • Demonstrable experience in a data protection, compliance, legal, or information governance role.

  • Experience advising on DPIAs, DSARs, and breach management, including third parties.

  • Ability to translate legal and regulatory requirements into practical guidance.

  • Strong communication and stakeholder management skills.

Desirable

  • Experience working within the Retail Fashion sector or a consumer facing retail environment.

  • Understanding of retail customer data, marketing consent, profiling, and e‑commerce data risks.

  • Experience engaging with the ICO or other regulators.


Why Footasylum?

We are one of the leading omni-channel retailers across the UK, but more than that we are a brilliant place to work. We value you and your development. We have loads of examples of people moving upwards, across to other departments and given training to excel their personal and professional skills. Our aim is to create a fun environment, where your success is paramount to ours and you are given the right tools, support and platform to achieve your goals.

Diversity

We recognise and value the importance of diversity to help make sure we have lots of different perspectives when we are building services to customers and the wider business. This is great news for our business. Diversity for us is also, importantly, about building happy teams full of people that want to learn and want to be inspired by each other and our different experiences and backgrounds.

Recruitment Process

We review applications on an individual basis, and if we feel you would be a good fit we’ll invite you for a call or Teams video for an informal chat about the role, and to see if we’re a good fit for you.

We value open and honest conversations and collaboration, giving you a chance to learn about what we are doing in an informal and friendly environment. We want to know about you and why you feel that this is the opportunity for you. Please note, this is not a remote role and our expectation is that you will be able to attend Head Office a hybrid way, in Greater Manchester.