Legal Counsel

Who We Are
Spoki is a Conversational Platform that helps companies build authentic relationships with their customers through Whats App and Artificial Intelligence. We believe in the value of genuine connections and provide tools that enable marketing, sales, and customer care teams to communicate in a direct, effective, and personal way.
Our culture is built on four key principles: an unwavering passion for what we do, putting customer success first, working as a united and collaborative team, and approaching challenges with an entrepreneurial and results-driven mindset.

The role
As  Legal Counsel  at Spoki, you will be the internal legal guardian of our business operations and growth strategy. This is a strategic, high-impact role designed for a legal professional who understands technology, data privacy, and the evolving AI regulatory landscape.
Your mission is to ensure Spoki operates in full legal compliance while enabling rapid business growth through clear contracts, robust data protection practices, and proactive risk management. You'll work at the intersection of law, technology, and business strategy—making legal a competitive advantage, not a bottleneck.
This role is for a pragmatic, business-oriented legal professional who thrives in fast-paced tech environments and believes legal should empower innovation, not slow it down.

Location:

San Vito dei Normanni, Italy

What you will do:

Contract Management & Negotiation
Draft, review, and negotiate B2B commercial contracts (SaaS agreements, MSAs, NDAs, partnership agreements)
Manage customer and supplier contracts lifecycle, ensuring compliance and minimizing legal risk
Support sales and business development teams with contract templates, playbooks, and rapid turnaround
Negotiate and finalize contracts with technology providers, vendors, and strategic partners
Ensure contract compliance with Italian, EU, and international commercial law
GDPR & Data Privacy Compliance
Design and maintain Spoki's GDPR compliance framework and data protection policies
Draft and update privacy policies, cookie policies, data processing agreements (DPAs), and GDPR documentation
Conduct data protection impact assessments (DPIAs) for new products and features
Act as internal Data Protection Officer (DPO) or coordinate with external DPO when required
Manage data subject requests (access, erasure, portability) and privacy-related inquiries
Monitor evolving EU and national data protection regulations and ensure ongoing compliance
Support implementation of privacy-by-design principles across product and engineering teams
AI Act & Emerging Technology Regulation
Monitor and interpret the EU AI Act and related regulations affecting AI-powered products
Assess Spoki's AI systems for compliance with emerging AI regulatory requirements
Collaborate with product and engineering teams to implement AI governance frameworks
Draft AI-related disclaimers, terms of use, and transparency documentation
Stay ahead of evolving AI regulation across Europe and key international markets

Ideal Candidate Profile
We are looking for a  pragmatic, business-oriented Legal & Compliance professional  with strong experience in  commercial contracts, data protection, and emerging technology regulation , who enjoys working closely with fast-moving product, sales, and engineering teams.
Experience & Background
Law degree (or equivalent legal qualification); specialization in  commercial, technology, or data protection law  is a strong plus
3+ years of experience  in in-house legal team, preferably in  SaaS, tech, or digital businesses
Proven hands-on experience drafting and negotiating  B2B commercial contracts  (SaaS agreements, MSAs, NDAs, partnership and vendor agreements)
Solid experience managing the  full contract lifecycle , from drafting to execution and compliance
Strong working knowledge of  Italian, EU, and international commercial law
Demonstrated experience with  GDPR compliance , ideally acting as internal DPO or as primary GDPR point of contact
Familiarity with  AI-powered products  and interest or experience in  AI regulation (EU AI Act)  is highly desirable

Legal & Technical Expertise
Excellent understanding of  GDPR , including:
Privacy and cookie policies
Data processing agreements (DPAs)
DPIAs and privacy risk assessments
Data subject rights management
Ability to translate legal requirements into  practical, scalable processes  for product and engineering teams
Knowledge of  privacy-by-design and privacy-by-default  principles
Ability to monitor and interpret  regulatory developments  (GDPR updates, EU AI Act, digital regulation trends)
Comfortable drafting  AI-related terms, transparency notices, and compliance documentation

Business & Soft Skills
Strong  negotiation skills  with a solution-oriented and commercial mindset
Able to balance  legal risk management with business growth needs
Excellent communication skills, with the ability to explain complex legal topics to non-legal stakeholders
Highly organized, detail-oriented, and able to…