GDPRiS is a part of ParentPay Group, having been acquired in 2024. GDPRiS (aka GDPR in Schools) offers a platform and an advisory service to many thousand schools in the UK around data protection and information security.
The data protection adviser is a role within the Customer Service Desk (Customer Success Team). It shares with the Customer Success Team a general responsibility to drive good customer service and customer satisfaction.
The Data Protection Advisor’s specific responsibility is to advise customers on data protection matters. This includes providing guidance on routine data protection questions and specific day-to-day challenges. It also involves recommending strategies to utilise the GDPRiS platform and other documentation tools to enhance an organisation’s data protection posture.
Key Responsibilities
- Provide clear, practical, and reliable guidance to customers on day-to-day data protection matters, ensuring advice is actionable and aligned with current regulatory expectations.
- Support customer success by delivering a high standard of service, contributing to overall customer satisfaction and retention within the Customer Success Team.
- Deliver defensible advice by: - Validating responses where there is uncertainty with senior stakeholders (e.g., Group DPO, Legal Counsel, or experienced colleagues).
- Applying a cautious and risk-aware approach.
- Clearly communicating appropriate caveats, including limitations of available information and the non-legal nature of advice.
- Assist customers in strengthening their data protection posture by recommending effective use of internal platforms, tools, and documentation resources.
- Create, update, and maintain customer-facing resources, including templates (policies, registers), knowledge base articles, and guidance materials, ensuring quality through peer review and appropriate approvals.
- Identify gaps, inefficiencies, or opportunities within advisory services (including DPO-as-a-service offerings) and proactively recommend improvements to management.
- Maintain accurate, comprehensive, and well-structured records of all customer interactions and advice provided (e.g., ticket documentation), ensuring transparency and auditability.
- Stay up to date with developments in data protection law, regulatory guidance, and industry best practices, proactively seeking training and professional development opportunities.
- Communicate clearly, professionally, and respectfully with customers and internal stakeholders, ensuring complex information is conveyed in an accessible and understandable manner.
- Exercise sound judgement and appropriate independence, while actively seeking peer input and review for novel, complex, or uncertain matters.
Skills, Knowledge and Expertise
Mandatory
Necessary for this role is solid subject matter knowledge of
- Data Protection and GDPR (EU and UK).
- PECR
- An awareness of UK laws, regulations and statutory guidance as they relate to data protection, especially for the education sector.
- A familiarity with the ICO (Information Commissioner’s Office), their publications and enforcement action
- A familiarity with documented case law
- Familiarity with CRM and Service desk systems in general and Hubspot for both those purposes in general.
- The Adviser is expected to autonomously carry out research about the subject matter, but be able to question their sources, and their understanding of those sources. This is particularly true of research based on Generative AI tooling.
- Apart from subject-matter knowledge, the GDPRiS team rely heavily on everybody’s input to improve our product offering. Therefore excellent inter-personal skills, communication and teamwork are necessary.
Desirable
- Willingness to learn and engage with Information Security and wider compliance issues
- A willingness to provide help to the group DPO for internal matters, should that be called upon.