Data Rights Manager

Job Title: Data Rights Manager

Location: Remote – our HO is in Northampton

Type: Full-Time / 37.50 – we offer a flexible working week

Salary: From £60k DOE

Closing Date: 13th June 2026 or until the right candidate is hired

Purpose of Role:

Around the globe, families, clients and staff trust Bright Horizons to provide high-quality education and care, operate with integrity, and empower them to thrive. Respecting privacy rights is an integral part of building and maintaining that trust. How we process and protect personal information as a business is critical to supporting Bright Horizons’ reputation and success.

The purpose of Bright Horizons’ Privacy Team is to ensure that Bright Horizons handles personal data responsibly and in compliance with relevant privacy laws and regulations. The Privacy Team’s goals are to protect personal data, build trust, reduce risks and enhance business practices. We strive for continuous improvement and the advancement of Bright Horizons’ privacy maturity levels.

The Data Rights Manager is responsible for leading and operating the organisation’s global data subject rights programme. This responsibility includes overseeing the end-to-end management of data subject rights requests (DSR), ensuring compliance with the global privacy regulations, and embedding scalable, consistent, and defensible processes across jurisdictions. The role acts as a key interface between Legal, Privacy, IT, Security, HR, and Operations, ensuring that individual rights are respected while managing risk, efficiency, and regulatory exposure.

Key Responsibilities:

Data Subject Rights Operations

• Own and manage the global DSR programme, including DPIAs/LIAs, policies and notices, standard operating procedures, workflows, queue management, templates and continuous improvement.

• Oversee the end-to-end handling of high-volume and complex DSRs across multiple jurisdictions.

• Ensure all DSR responses meet statutory deadlines and applicable legal requirements.

• Review complex or high-risk responses and escalate for senior approval where required.

• Manage DSR vendors, including external service providers and outside counsel.

• Coordinate complex data searches across enterprise and local systems (email, collaboration tools, business applications, archives, backups) and maintain defensible audit trails.

• Support the business in responding to third-party requests for personal data (e.g. law enforcement).

Governance, Compliance and Regulatory Alignment

• Interpret and operationalise data rights requirements across global privacy regimes.

• Monitor relevant laws, regulatory guidance and enforcement trends, updating the DSR programme as needed.

• Develop, maintain, and enhance global DSR policies, procedures, templates, and decision frameworks in line with applicable laws and supervisory authority guidance.

• Ensure consistent and defensible interpretation of exemptions, restrictions, and lawful refusal grounds.

• Maintain metrics, trend analysis and reporting to support governance, compliance and certification requirements.

• Support regulatory inspections, internal and external audits, and investigations related to data rights.

• Maintain robust records of decision-making and audit trails.

Stakeholder Management, Tools, Automation and Continuous Improvement

• Act as the primary escalation point for data rights issues across the organization.

• Partner with Legal, HR, IT, Security, and Business Operations teams to identify, review and disclose personal data.

• Advise stakeholders on regulatory requirements, risk and proportionality.

• Own, manage, configure and optimise data rights tooling and workflows within the organization’s case management platform (OneTrust).

• Drive automation and efficiency improvements while maintaining legal accuracy and quality assurance.

Other

• Promote a consistent, rights-respecting privacy culture globally.

• Lead and manage the DSR team, setting clear goals, SLAs, and quality standards.

• Undertake ad hoc tasks and other duties appropriate to the role.

Qualifications and Essential Experience:

• Degree or equivalent professional experience in a similar role.

• Privacy qualification such as CIPP/E, CIPP/UK, CIPM, or similar (highly desirable).

• Legal, compliance, or data governance background advantageous.

• Significant experience (5+ years) in data rights management (required).

• Deep practical knowledge of US, UK and EU privacy regimes, particularly individual rights.

• Hands-on experience leading teams and managing DSARs at scale, including complex and contentious requests.

• Proficiency with case management platforms and video redaction software.

• Proven ability to apply exemptions, manage statutory deadlines, and maintain defensible audit trails.

• Familiarity with CCTV ecosystem, including camera systems, access controls, retention, and chain of custody.

• Strong regulatory judgement and risk-based decision‑making capability.

• Ability to operate effectively in a global, matrixed organisation.

• Excellent written and verbal communication, stakeholder management and complaint-resolution skills.

• Demonstrated leadership fostering strong team performance and continuous improvement.

• Strong diversity and cultural awareness.

• Flexible and dependable, with the willingness to support global offices and time-sensitive deadlines as required.

Bright Horizons is committed to safeguarding and promoting the welfare of children and young people. This post is subject to safer recruitment practice and pre-employment checks, including an enhanced DBS check, which will be undertaken before any appointment is confirmed. We are an inclusive employer and welcome people from all backgrounds to apply. We will consider reasonable adjustments required by applicants. If you share our passion, values, and have most of the skills listed, we encourage you to apply – as you may be just what we are looking for!

We look forward to receiving your application!

If you experience any problems, please email europe.recruitment@brighthorizons.com and we will be happy to help.