Job Description

About Zippe Group

Zippe is more than just a company - it's a growing group of community-focused businesses built around making life easier, more connected, and more inclusive. From digital innovation through the Zippe app, to trusted transport with Zippe Transport and Zippe Minibuses - we are building a brand that brings everyday support to the people who need it most.

Purpose of the Role:

The Privacy and Compliance Manager will play a critical role in ensuring that Zippe Group Ltd complies with all data protection laws and related contractual obligations, particularly regarding the handling of sensitive personal and company data. This role will oversee day to-day privacy compliance activities, manage data protection risks, coordinate with local authorities on safeguarding matters, and work closely with the DPO in supporting the company fulfil legal obligations.

In addition, the role will take a lead in setting and embedding new compliance and safeguarding standards across the growing businesses within the Zippe Group, ensuring that regulatory requirements and best practices are implemented consistently as the group expands.

This is an on-premises based role to ensure full access and involvement across the Zippe Group businesses and to take full ownership of driving and embedding compliance standards throughout the organisation.

Key Responsibilities:

Assist the DPO in maintaining, reviewing, and helping to set data protection and privacy standards across all business operations. Establish and implement compliance frameworks to meet GDPR, Data Protection Act 2018, and local authority safeguarding requirements. Work with the DPO to establish a methodology and identify areas for regular audits and compliance checks to ensure the company's policies and practices align with legal standards and industry best practices. Develop, maintain, and monitor records of processing activities (ROPA) and prepare Data Protection Impact Assessments (DPIAs) for review by the DPO. Oversee data sharing agreements with third parties, including local authorities and technology providers, ensuring all data-sharing activities meet required compliance standards. Respond to Subject Access Requests (SARs) and liaise with the DPO to coordinate data breach reporting procedures in line with legal obligations. Provide guidance and deliver training to drivers, passenger assistants, and office staff on data protection, safeguarding responsibilities, and company compliance standards. Play a key role in setting and promoting safeguarding standards across all transport services, particularly for contracts involving children and vulnerable adults. Collaborate with IT teams to ensure the security of personal data collected through the passenger app and internal systems. Act as a key point of contact for local authority safeguarding leads and compliance officers. Prepare regular reports for senior management on privacy compliance, data protection risks, and safeguarding performance, including recommendations for policy and standard improvements.

Qualifications and Experience:

GDPR Practitioner Certificate or equivalent (essential). In-depth knowledge of the UK GDPR, Data Protection Act 2018, and safeguarding legislation. Minimum 2 years of experience in a data protection, or compliance, or safeguarding role, ideally within a regulated or transport environment. Experience working within an environment that is subject Safeguarding requirements. Experience conducting internal audits and managing data breach incidents. Strong written and verbal communication skills. Ability to work independently and manage multiple priorities effectively.

Desirable Skills:

Experience working with local authorities or within the public sector. Familiarity with safeguarding policies for children and vulnerable adults. Awareness of IT security protocols and working with app-based platforms.

Reports To:

This position reports directly to the Chief Finance Officer for Zippe Group Ltd, providing support and oversight across all Zippe Group companies, currently Zippe Transport Ltd, Zippe Minibuses Ltd & Zippe App Ltd.

Location:

On-Premises Role.

Salary:

Competitive salary, commensurate with experience and qualifications.

Contract Type:

Flexible working hours - full-time or part-time considered.

Job Types: Full-time, Part-time, Permanent

Pay: 35,000.00-45,000.00 per year

Schedule:

Day shift Monday to Friday
Ability to commute/relocate:

Radstock BA3 4BH: reliably commute or plan to relocate before starting work (required)
Language:

English (required)
Work authorisation:

United Kingdom (preferred)
Work Location: In person

Application deadline: 19/06/2025