Data Protection Counsel

Location LeedsWest YorkshireUK
Type Other
Seniority Junior
Posted Mar 12, 2026
Apply Now

Burberry seeks a Data Protection Counsel in Leeds to deliver commercial GDPR and privacy advice across marketing, e‑commerce and cross‑border projects.

Overview

Burberry is a British luxury fashion house renowned for its heritage craftsmanship, iconic outerwear and digital-first approach to luxury retail. As a global brand, Burberry emphasizes creativity, sustainability and innovation across product, marketing and customer experience while offering a collaborative, cross‑functional legal environment that supports international operations.

Role & Responsibilities

  • Provide day-to-day, commercially focused legal advice on data protection matters (GDPR, PECR and other applicable privacy laws) to business stakeholders across marketing, e‑commerce, IT and operations.
  • Draft, review and negotiate data protection clauses in commercial contracts, including IT, services and marketing agreements, and advise on data transfers and vendor relationships.
  • Lead and support privacy governance tasks: complete and advise on DPIAs, LIAs, privacy notices, consent language and retention policies.
  • Advise on incident response and breach reporting obligations, data subject rights requests, cookies compliance and lawful bases for processing (including direct marketing and AI use cases).
  • Coordinate and obtain local counsel advice on cross‑border privacy issues and translate foreign legal input into pragmatic guidance for internal stakeholders.
  • Partner closely with internal teams and external vendors to embed privacy requirements into business projects and ongoing commercial activities.

Qualifications

  • Qualified solicitor (England & Wales) with approximately 1–3 PQE.
  • Specialisation in data protection law at or since qualification, with strong working knowledge of the GDPR and PECR.
  • Strong academic credentials.
  • Ability to operate with minimal supervision and to interface directly with internal clients and external partners.
  • In‑house experience preferred; experience working with foreign counsel on cross‑border matters is an advantage.

Skills

GDPR PECR Data Protection Impact Assessments (DPIAs) Legitimate Interest Assessments (LIAs) Privacy notices and consent drafting Data transfer mechanisms and cross‑border privacy law Contract drafting and negotiation (data protection clauses) Incident response and breach reporting Cookies and direct marketing compliance Stakeholder management and cross‑functional collaboration

Experience

Approximately 1–3 years PQE with demonstrable hands‑on experience in data protection matters, ideally gained in a law firm and/or in‑house setting; experience advising on marketing, e‑commerce and cross‑border projects is desirable.

Education

Qualified solicitor (England & Wales) with strong academic credentials; specialised training or coursework in data protection/privacy law preferred.

Culture

The company fosters a creative, collaborative environment that blends heritage craftsmanship with digital innovation. Colleagues work in cross‑disciplinary teams and are encouraged to champion sustainability and responsible practices while delivering luxury experiences globally.