About the assignment
A leading organisation in the public sector is elevating its privacy maturity. You join the Privacy unit to strengthen governance, compliance, and sustainable privacy embedding across the organisation—working in a context of heightened regulatory oversight.
You operate at strategic, tactical, and operational levels. You combine risk-focused thinking with pragmatism: turning complex GDPR requirements into workable processes, policies, and implementation roadmaps. You identify risks and translate them into concrete, executable measures.
You're both advisor and implementer. You guide DPIAs, mentor privacy teams, and drive cultural change toward privacy ownership across the organisation.
Your responsibilities
- Advise on GDPR compliance strategy, data protection governance, and privacy risk management at all organisational levels
- Design and implement privacy policies, processing registers, and data retention frameworks tailored to public sector complexity
- Lead and review DPIAs; identify privacy risks and translate findings into implementable controls
- Coach Privacy Officers, process owners, and functional groups; embed privacy ownership across teams
- Translate legal requirements into practical processes, working instructions, and compliance tooling
- Support data breach response protocols; advise on regulatory notifications and stakeholder communication
- Partner with senior leadership to build privacy accountability and executive-level reporting
Tech Stack & Tools
Platforms & Tooling
Frameworks & Standards
Methodologies
Certifications (preferred)
Must-haves
- Master's degree in Law or equivalent legal qualification
- CIPP/E and CIPM certified
- Minimum 5 years as a privacy jurist, with substantial experience in complex organisations
- At least 1 year advising on privacy within provincial government or equivalent public administration
- Demonstrable experience designing DPIAs, privacy policies, processing registers, and breach protocols
Nice-to-haves
- Experience raising privacy maturity in government environments under regulatory scrutiny
- Background in translating legal frameworks into operational processes and compliance tooling
- CDPSE or additional certifications in data protection governance
What we offer
- Shape privacy governance at provincial scale with real regulatory impact
- Work on strategic, high-visibility compliance challenges in public sector
- Collaborate with senior leadership and drive organisational culture change
- 12-month interim contract (extendable 2×12 months) with flexible scheduling
- Based in Den Haag with option to work 32–36 hours per week
- Personal guidance from a dedicated MVPeople consultant who knows your niche
The process
Introduction
Phone call with your MVPeople consultant (within 24 hours)
Match & Brief
We discuss the assignment in detail and prepare you
Client meeting
Introduction to the client
Start
Contracting and onboarding
Details
Type
Consultancy
Location
Den Haag
Work model
Hybrid
Level
Senior
Industry
overheid
Posted
7 May 2026
Contact
MVPeople Group
jobs@mvpeoplegroup.com