Privacy Counsel, E-Commerce, EMEA

About the Team The Global E-Commerce Privacy team handles and oversees legal privacy and regulatory matters pertaining to TikTok's global e-commerce operations. The team works cross-functionally with multiple stakeholders around the world to tackle some of the most complex, interesting, and cutting edge issues in privacy and security. We are looking for a highly motivated, experienced, and bright legal professionals to join our exciting team.

Responsibilities:

• Actively monitor, analyze, and advise colleagues and cross-functional stakeholders on global privacy and data protection laws, regulatory developments, and enforcement trends relevant to TikTok's e-commerce business.
• Review new products, product features, and initiatives impacting the e-commerce business to identify relevant legal and regulatory requirements and guide compliance with privacy and data protection laws and TikTok policies.
• Advise on e-commerce-related privacy issues, including the collection, use, sharing, retention, and cross-border transfer of creator, merchant, buyer, logistics, payments, communications, and sensitive data.
• Assess and advise on third-party and intra-group data sharing arrangements, including vendor onboarding, data processing terms, cross-border transfer requirements, and other privacy-related contractual provisions.
• Support compliance assessments, privacy impact reviews, and implementation of controls relating to new products, data uses, and operational processes.
• Help drive global privacy strategy for the e-commerce business, while coordinating with global and local counsel on multi-jurisdictional issues and consistent implementation across markets.
• Support the development of internal and external global privacy policies, notices, standards, guidelines, and governance processes relevant to the e-commerce business.
• Collaborate with cross-functional and cross-regional stakeholders to ensure the effective implementation of privacy policies and controls across the e-commerce business.

Minimum Qualifications:

• Bachelor's degree and Juris Doctor, LLB, or equivalent law degree, and qualification to practice law in the relevant jurisdiction
• At least 5+ years of privacy-related legal experience
• In-depth knowledge of UK GDPR, EU GDPR, the ePrivacy Directive and related UK rules, the EU AI Act, and UK and EU regulatory guidance
• Experience advising multinational businesses on a broad range of privacy matters, including data collection and use, cross-border transfers, product and feature counseling, merchant, creator and customer data, payments, logistics, communications, vendor relationships, and sensitive data
• Strong communication, interpersonal skills, and sound judgment, and the ability to translate complex legal concepts into practical advice for business and product teams

Preferred Qualifications:

• Legal experience gained in both private practice and an in-house role at a multinational business
• CIPP certification in one or more jurisdictions
• Experience advising on global privacy laws, regulations, and related compliance requirements