Data Privacy Coordinator

About Oviva

At Oviva, we’re on a mission to make sustainable, personalized, clinically effective care accessible to everyone and to deliver against our vision of becoming Europe’s leading AI‑powered chronic care platform.

Our digital programmes support people living with weight related illnesses. While weight loss is a goal for many, our approach is about so much more: improving health, building confidence, and enhancing quality of life.

We’ve already supported over one million people across the UK, Switzerland, and Germany, with a shared service centre in Poland. Every conversation, coaching session, and line of code helps move us closer to a healthier future. Join us and be part of the team making that future possible.

We are committed to delivering impactful, accessible care built on a foundation of innovation and privacy.

• Own and maintain group‑wide Records of Processing Activities (ROPA) and documentation standards, ensuring audit‑readiness and compliance with current global regulations.
• Embed Privacy by Design with product and engineering teams, integrating privacy safeguards into clinical tools.
• Manage Data Protection Impact Assessments (DPIAs) and Subject Access Requests (SARs) efficiently.
• Act as subject matter expert for cross‑jurisdictional privacy challenges, providing risk identification and pragmatic solutions.
• Contribute to a culture of privacy awareness, guiding the team in protecting patient data.
• Lead day‑to‑day privacy task management, including ROPA maintenance and SAR handling.
• Coordinate DPIAs for new projects and technologies, balancing innovation with compliance.
• Serve as central point of contact for privacy matters across European markets, respecting local nuances.
• Apply knowledge of healthcare data challenges to protect sensitive information and support clinical operations.
• Draft and refine privacy notices and internal policies that reflect inclusive data handling.
• Monitor changes in data protection laws and suggest process enhancements.

• 3+ years of post‑qualification experience in data privacy, ideally within a multi‑country group.
• LLM and/or State Exam or LLB qualification.
• Subject matter expert in GDPR and comprehensive privacy principles; experience with clinical or sensitive data is a significant advantage.
• Comfortable working independently, managing multiple priorities with a solution‑oriented mindset.
• Excellent communication skills, simplifying complex legal requirements into clear guidance.
• Fluency in English; proficiency in German or other European languages is a plus.
• Knowledge of data protection regulations across the UK, Germany, Switzerland, and Poland.

• A mission‑driven environment focused on making a real‑world impact.
• High‑growth opportunities with a clear path to broader strategic leadership.
• A flexible remote/hybrid work culture across the UK, Germany, Switzerland and Poland.
• Annual learning & development budget.
• Home working allowance and flexible working hours.
• Competitive compensation, benefits, and inclusive policies (enhanced leave, etc.)