Privacy Counsel, E-Commerce, EMEA

About the Team
The Global E-Commerce Privacy team handles and oversees legal privacy and regulatory matters pertaining to TikTok's global e-commerce operations. The team works cross-functionally with multiple stakeholders around the world to tackle some of the most complex, interesting, and cutting edge issues in privacy and security. We are looking for a highly motivated, experienced, and bright legal professionals to join our exciting team.
Responsibilities:
- Actively monitor, analyze, and advise colleagues and cross-functional stakeholders on global privacy and data protection laws, regulatory developments, and enforcement trends relevant to TikTok's e-commerce business.
- Review new products, product features, and initiatives impacting the e-commerce business to identify relevant legal and regulatory requirements and guide compliance with privacy and data protection laws and TikTok policies.
- Advise on e-commerce-related privacy issues, including the collection, use, sharing, retention, and cross-border transfer of creator, merchant, buyer, logistics, payments, communications, and sensitive data.
- Assess and advise on third-party and intra-group data sharing arrangements, including vendor onboarding, data processing terms, cross-border transfer requirements, and other privacy-related contractual provisions.
- Support compliance assessments, privacy impact reviews, and implementation of controls relating to new products, data uses, and operational processes.
- Help drive global privacy strategy for the e-commerce business, while coordinating with global and local counsel on multi-jurisdictional issues and consistent implementation across markets.
- Support the development of internal and external global privacy policies, notices, standards, guidelines, and governance processes relevant to the e-commerce business.
- Collaborate with cross-functional and cross-regional stakeholders to ensure the effective implementation of privacy policies and controls across the e-commerce business.
Requirements:
Minimum Qualifications:
- Bachelor's degree and Juris Doctor, LLB, or equivalent law degree, and qualification to practice law in the relevant jurisdiction
- At least 5+ years of privacy-related legal experience
- In-depth knowledge of UK GDPR, EU GDPR, the ePrivacy Directive and related UK rules, the EU AI Act, and UK and EU regulatory guidance
- Experience advising multinational businesses on a broad range of privacy matters, including data collection and use, cross-border transfers, product and feature counseling, merchant, creator and customer data, payments, logistics, communications, vendor relationships, and sensitive data
- Strong communication, interpersonal skills, and sound judgment, and the ability to translate complex legal concepts into practical advice for business and product teams
Preferred Qualifications:
- Legal experience gained in both private practice and an in-house role at a multinational business
- CIPP certification in one or more jurisdictions
- Experience advising on global privacy laws, regulations, and related compliance requirements