About the assignment
You join a forward-thinking organisation navigating complex data protection requirements. GDPR compliance forms your foundation, but you're equally focused on emerging regulations like the AI Act and NIS2 Directive.
You design privacy-by-design frameworks, conduct Data Protection Impact Assessments (DPIAs), and manage vendor compliance. Your role bridges technical teams, legal, and leadership—translating regulation into practical controls.
You'll build a privacy program that reduces regulatory risk, strengthens customer trust, and enables innovation without compromise.
Your responsibilities
- Develop and maintain comprehensive privacy policies aligned with GDPR, ePrivacy, and AI Act requirements
- Conduct Data Protection Impact Assessments (DPIA) for new systems and processing activities
- Manage vendor risk assessments and data processing agreements (DPAs) across third-party relationships
- Lead data subject rights requests (access, deletion, portability) and ensure timely, compliant responses
- Advise product, engineering, and business teams on privacy-by-design implementation
- Report on privacy maturity and regulatory risk to senior leadership and the board
- Investigate privacy incidents and coordinate breach notifications per regulatory timelines
- Monitor regulatory updates and translate them into operational controls and training programmes
Tech Stack & Tools
Platforms & Tooling
Frameworks & Standards
Methodologies
Certifications (preferred)
Must-haves
- 5+ years privacy compliance or DPO experience
- Expert knowledge of GDPR and EU data protection law
- Experience conducting DPIAs and designing privacy controls
- Proven ability to communicate privacy concepts to non-technical stakeholders
- Strong track record managing data subject requests and breach incidents
Nice-to-haves
- Familiarity with AI Act and emerging privacy regulations (NIS2, DORA)
- Experience with OneTrust, Collibra, or similar privacy platforms
- Background in legal, compliance, or information governance
- CIPP/E or CIPM certification
What we offer
- Shape privacy strategy for an organisation scaling responsibly
- Direct influence on board-level risk and compliance discussions
- Exposure to emerging regulations (AI Act, NIS2) ahead of enforcement
- Collaborative environment bridging legal, technical, and business teams
- Continuous learning through professional networks and regulatory updates
- Personal guidance from a dedicated MVPeople consultant who knows your niche
The process
Introduction
Phone call with your MVPeople consultant (within 24 hours)
Match & Brief
We discuss the assignment in detail and prepare you
Client meeting
Introduction to the client
Start
Contracting and onboarding
Details
Type
Consultancy
Location
Utrecht
Work model
Hybrid
Level
Senior
Industry
overige
Posted
22 May 2026
Contact
MVPeople Group
jobs@mvpeoplegroup.com