Manager, Privacy & Compliance

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

atVenu

WebsiteLinkedInAll Job Openings

51 - 200 employees

Founded 2012

☁️ SaaS

🤝 B2B

🏢 Enterprise

💰 $130M Private Equity Round - atVenu on 2024-10

SaaS • B2B • Enterprise

atVenu is an enterprise commerce platform built specifically for live events, uniting merchandise, concessions, sponsor activations, and fan experiences under one software and hardware stack. The company provides fast, offline-capable point-of-sale systems, mobile ordering and concierge, real-time inventory and dashboards, integrated payments and settlements, sponsor tracking, and hardware logistics to venues, festivals, touring acts, promoters, and concession operators. atVenu focuses on event-specific workflows to reduce lines, automate settlements, capture fan data, and scale operations at high-throughput, temporary event environments.

📋 Description

• Lead the day-to-day operation and continued development of atVenu’s privacy compliance program, including maintaining privacy policies, and internal standards. • Champion privacy requirements across new business initiatives from concept through to operation, managing cross-functional stakeholder engagement to ensure privacy considerations are identified early and carried through to implementation. • Conduct and manage Data Protection Impact Assessments (DPIAs) for new products, features, integrations, and third-party service providers. • Serve as the company’s subject matter expert on GDPR, CCPA/CPRA, PIPEDA, and emerging privacy regulations, providing practical, risk-based guidance to business and technical teams. • Partner with Legal to review and negotiate data processing agreements (DPAs), vendor contracts, and other agreements with privacy implications. • Manage and maintain atVenu’s OneTrust Cookie Consent implementation, ensuring it reflects current data flows and regulatory requirements. • Review customer agreements and data-related contractual obligations to identify permitted and restricted uses of customer data, and work with Legal and Operations to ensure those obligations are understood and operationalized across the business. • Monitor ongoing data practices to ensure customer data is being used in a manner consistent with contractual commitments, flagging and remediating gaps where they arise. • Work with Engineering and Product teams to embed privacy-by-design principles into the development lifecycle. • Manage and respond to data subject access requests (DSARs) and privacy inquiries in a timely and compliant manner. • Lead the privacy workstream during incidents including conducting privacy impact assessments, managing regulatory notifications, and coordinating communication with affected individuals where required. • Assess the privacy implications of AI and machine learning systems at every stage, from evaluating third-party tools before adoption, to reviewing internally developed models from design through deployment, ensuring data use is lawful, transparent, and aligned with regulatory and contractual expectations. • Monitor the evolving regulatory landscape and assess the impact of new or amended privacy laws on atVenu’s operations. • Cultivate a lasting privacy-aware culture by designing and delivering training, creating practical guidance, and serving as a trusted resource for teams navigating privacy questions in their work.

🎯 Requirements

• 8+ years of hands-on privacy compliance experience, ideally in a B2B SaaS, fintech, or a payments environment. • Deep, practical knowledge of GDPR, CCPA/CPRA, and PIPEDA, including how these frameworks apply to transaction data and third-party data sharing. • Proven experience conducting DPIAs and translating their findings into actionable risk mitigations. • Experience reviewing and negotiating data processing agreements and vendor contracts with privacy implications to ensure standards are being met. • Strong project management skills, with a demonstrated ability to own a program, set priorities, and drive initiatives to completion without heavy supervision. • Experience assessing the privacy and compliance risks of AI and machine learning systems, including evaluating third-party AI tools and contributing to internal governance frameworks. • Familiarity with information security principles and how privacy and security controls intersect (e.g., access management, data minimization, retention, incident response). • Experience reviewing commercial contracts or data agreements with an eye toward data use restrictions and obligations, and translating those requirements into practical operational guidance. • Excellent communication skills and the ability to translate complex regulatory requirements into clear, practical guidance for technical and non-technical stakeholders alike. • Comfortable operating in a lean, fast-moving organization where processes are still maturing and ambiguity is part of the job. • A pragmatic and collaborative approach that balances rigour with business reality, and the ability to drive outcomes through influence rather than direct authority.