Bumble Inc. - Privacy Legal Advisor

• Coordinate Incident Response • Handle responses to low to medium-risk personal data breaches, with oversight from supervising privacy counsel as appropriate. • Handle and assist with serious and complex data breaches by coordinating breach investigations by triaging facts, collecting documentation, coordinating cross-functional tasks, and preparing draft incident assessments, notifications and regulatory materials for supervising counsel review and approval. • Maintain the personal data breach log, clear and organized investigative records, and track post-incident follow-through. • Execute Core Global Privacy Compliance Activities • Support the implementation and optimisation of Bumble’s global privacy and data protection compliance programme, including GDPR, UK DPA, CCPA/CPRA and other global emerging privacy frameworks. • Contribute to cross-functional programs, controls, and process improvements that support global regulatory compliance and scalability. • Conduct research and help scope emerging privacy requirements in other markets, escalating legal questions to supervising counsel as appropriate. • Monitor developments in global privacy laws and, with support from supervising privacy counsel, implement updates needed to reflect their practical implications for Bumble’s operations. • Take ownership of privacy projects, ensuring timely delivery and effective cross-functional coordination, including higher-complexity matters under the supervision of the privacy counsel. • Manage Key GDPR Compliance Artifacts • Partner with business teams to keep ROPA accurate and up to date. • Maintain draft and quality review of DPIAs, LIAs and similar data protection assessments, together with DSARs, escalating, as appropriate, to supervising privacy counsel. • Review drafts of Data Processing Agreements, data sharing agreements, vendor data protection addenda, SCCs/TIAs, and related documentation for third-party processing transfers, escalating, as appropriate, to supervising privacy counsel. • Handle complex data sharing arrangements under the supervision of privacy counsel. • Coordinate The Engagement of The External DPO • Coordinate regular meetings with the external DPO and assist with data protection issues and incident escalations to the DPO. • Track deadlines, coordinate inputs, and maintain records of correspondence and tasks and issues raised by the DPO, such as incident response, regulatory query, responses to data subject requests or data protection compliance documentation. • Coordinate Regulatory Engagement • Collect information and prepare draft responses to regulatory inquiries in partnership with Product, InfoSec, Engineering, Member Support, internal and external counsel, and DPO resources, with review and approval by the supervising privacy counsel. Track deadlines, coordinate inputs, and maintain records of regulatory correspondence. • Embed Privacy-by-Design • Identify privacy considerations and document privacy assessments in compliance with data protection laws, and identify high-risk issues for escalation to supervising privacy counsel for legal interpretations as required. • Support Member Rights • Assist with responding to member rights requests and regulatory inquiries alongside the broader privacy and legal teams, with supervision as appropriate. • Partner closely with the member support function and with review by the supervising privacy counsel, as appropriate, to respond to requests from members for access to or deletion of their data, and assist on (i) regulatory investigations from regulators in the US, UK and EU, and globally; and (ii) member claims in civil courts, in relation to Bumble’s response to members’ requests. • Collaborate Across the Business • Support alignment of privacy operations with marketing, consumer protection, and P&C. • Assist internal and external counsel with updating privacy policies and disclosures by preparing drafts, conducting research, collating information, and coordinating feedback. • Work closely with the Product Counsel to advise on privacy considerations in consultation with supervising privacy counsel, arising from product changes and new feature development. • Partner closely with the People and Culture team to advise on employee privacy matters, including HR processes, internal policies and the appropriate use of employee data, with supervision, as required, by privacy counsel. • Elevate Enablement and Operational Excellence • Create and maintain policies, playbooks, templates, SOPs, and training materials that promote data protection compliant decision-making across teams. • Prepare training material and deliver training and awareness initiatives in partnership with supervising counsel and external DPO. • Identify opportunities to streamline existing processes, reduce operational friction and enhance documentation quality and consistency. • Drive process improvements to enhance scalability and operational consistency across the privacy programme. • Advise on the Compliant Use of AI • Contribute to data protection compliance process improvements and automation initiatives that increase efficiency. • Under supervision of privacy counsel, communicate privacy advice on the use of data in AI and machine learning features, ensuring the implementation of appropriate data protection safeguards and transparency. This includes drafting internal policies, addressing bias, and establishing data-handling constraints from a data protection perspective, with supervision of privacy counsel. • Work with Agility and Purpose • Collaborate effectively across functions, take initial ownership of matters that are routed for the Privacy Legal team’s review from insight to impact, and adapt as laws and products evolve—role-modeling Courage and Respect in every interaction.