Corporate Counsel, Global Privacy and Data Protection
Boston, MA
Legal /
On-site
At WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives.
WHOOP is hiring a Corporate Counsel, Global Privacy and Data Protection with a passion for and specialist experience in privacy, security and data protection who can add to our Legal Team and help WHOOP protect its most important assets.
The right match for this role is a high performer and a generalist lawyer with a growth mindset and interest in taking on new areas and support across functions to meet business needs. You should thrive in an environment where each day may bring a question or situation you’ve never encountered before. As a key member of the Legal Team, you will provide support across the company, focusing on adherence to global privacy and data protection laws while enabling the business by translating legal advice into actionable policies, processes and programs. This role will work cross-functionally with all of our business teams, including Legal, Information Security, Marketing, Product, Engineering and Membership Services.
RESPONSIBILITIES:
- Advise on emerging global privacy laws and regulations that impact data privacy and data security, including identifying trends and potential impacts on business activities
- Coordinate with product and engineering teams to evaluate and design products and technologies for compliance with privacy and data protection laws
- Collaborate with the company’s CISO to help develop and maintain best-in-class privacy, security and data protection practices across the company
- Draft and negotiate complex agreements ranging from professional services, development, and supplier agreements with various merchants, partners and vendors
- Conduct privacy training and awareness programs for employees to foster a privacy-aware culture
- Respond to data subject access requests (DSARs) and inquiries from regulatory authorities regarding privacy practices
- Grow into new areas to support the business such as warranty and consumer protection, global product regulatory rules, claims review, and global supply chain
- Work autonomously as well as part of a team, coaching and mentoring others (including non-attorneys) under tight deadlines and while managing multiple priorities
- Support investigation, analysis, remediation, and notification of privacy and security incidents
QUALIFICATIONS:
- Juris Doctorate (JD) and 5+ years of relevant experience
- Admission to a State Bar and the ability to register as in-house counsel
- Specific experience with privacy and data protection laws such as CCPA, LGPD, CAN-SPAM, HIPAA, GDPR, e-Privacy Directive, and other applicable laws is required
- Experience providing risk-based and pragmatic advice, including to Senior Management level stakeholders, regarding outstanding privacy and data protection aspects of product development, commercial negotiations and on matters involving the processing of employee personal data
- Experience advising on incident response protocols, data breach notification obligations, and regulatory investigations
- Experience with the operation of compliance programs is a plus
- Experience drafting and negotiating commercial agreements
- Desire to learn and grow, stretching into areas that are not core strengths as needed to support business initiatives
- Prior in-house experience supporting global high-growth companies strongly preferred
This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office.
Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.
WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.