MasterCard Data Privacy Counsel in London, United Kingdom

Who is Mastercard?

We are the global technology company behind the world’s fastest payments processing network. We are a vehicle for commerce, a connection to financial systems for the previously excluded, a technology innovation lab, and the home of Priceless at ®. We ensure every employee has the opportunity to be a part of something bigger and to change lives. We believe as our company grows, so should you. We believe in connecting everyone to endless, priceless possibilities.

Job Title

Data Privacy Counsel


MasterCard is committed to balancing innovation while protecting individual privacy and has embraced privacy and data protection as core to the successful execution of its business strategy. As part of that commitment, MasterCard has established a world-class privacy program and is currently adding talent to its global team.

Vocalink has recently been acquired by Mastercard and is a key driver in achieving MasterCard’s vision “A World Beyond Cash”. Vocalink designs, builds and operates industry-leading bank account-based payment systems. Vocalink’s technologies power the UK’s real-time payments, settlements and direct debit systems, as well as the UK’s network of over 70,000 ATMs. In 2016, Vocalink processed over 90 percent of UK salaries, more than 70 percent of household bills and almost all UK state benefits. In addition, Vocalink’s bank account-based payment solutions underpin instant payment services in Singapore, Thailand and the United States. Further information about Voclaink can be found at:

The Senior Counsel will report to the Group Head of Privacy at VocaLink and will be responsible for ensuring that VocaLink’s data practices align with Mastercard’s Global Privacy Program and comply with all applicable data protection and data-related regulations globally. Vocalink’s Privacy and Data Protection practice forms part of the Vocalink legal team, which is part of the Mastercard Legal, Franchise and Integrity group. The Vocalink Privacy and Data Protection practice also has dual reporting into the Masstercard global Privacy & Information Governance team.


• Ensure VocaLink’s alignment with Mastercard policies, procedures and processes and compliance with all global, regional and local privacy and data-related laws, including: regulatory filings and authorizations, international data transfer rules, outsourcing laws, employee compliance, data breach notification requirements, data access requests.

• Assist with implementing the EU General Data Protection Regulation (GDPR) at VocaLink, to bring all activities into compliance with the new requirements by May 2018 and to ensure ongoing compliance.

• Review and amend existing agreements with VocaLink’s customers, partners and vendors to comply with the EU GDPR and BCRs, in alignment with Mastercard’s standard templates.

• Update and maintain privacy notices, using a layered approach, for all Vocalink HR processing activities, and update, align and maintain all Vocalink policies to Mastercard global and EEA data protection policies.

• Update and maintain Vocalink processes and procedures, including its security due diligence process for vendors and service providers, to comply with the GDPR and Binding Corporate Rules and align with Mastercard’s processes.

• Enable the development of data driven products and solutions by ensuring compliance with applicable privacy and data protection laws, utilizing Privacy by Design and Privacy by Default methodology, and leveraging the tools developed by Mastercard.

• Assist with conducting Data Protection Impact Assessments (DPIAs) where needed.

• Identify business as well as technical infrastructure requirements resulting from the EU GDPR and work with business and technical teams to assist integration with Mastercard’s enterprise level tools.

• Ensure VocaLink is covered by Mastercard’s BCRs to enable global data transfers.

• Support the organization in rolling out the Mastercard Data Literacy Program in Vocalink and raise employee awareness about privacy and data-related developments, including about the GDPR and BCRs.

• Work closely with members of the Mastercard Information Governance & Privacy Team around the globe to have a comprehensive and up-to-date understanding of data-related requirements in other Regions, while educating them on the VocaLink’s activities.

Lead negotiations with third parties (Vocalink customers and suppliers) on data privacy matters, working closely with business and legal colleagues to guide the decision making process as it relates to data privacy and ensure that cross-business agreement is gained and the negotiated position aligns with local and group data privacy policies.

All about you

• 2+ years of privacy and data protection experience required.

• Expertise in and track record dealing with UK data protection regime, EU Data Protection Directive, e-Privacy Directive and other privacy and data regulatory frameworks;

• Solid knowledge of the new EU General Data Protection Regulation (GDPR);

• Ability to think and act both strategically and tactically with respect to the needs of business clients and their objectives while ensuring that VocaLink remains compliant with law, as well as industry best practices.

• Familiarity with financial services industry and payment processing.

• Motivated self-starter with ability to excel at multi-tasking in a fast paced environment.

• Superior time management, planning, and organizational skills.

• Strong analytic capabilities, and written and oral communication skills. Attention to detail is a must.

• Exceptional interpersonal skills with proven experience in relationship building and partnering. Must work well in both team and individual settings.

• Ability to motivate and influence highly skilled professionals to achieve major organizational goals.

Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.​

If you require accommodations or assistance to complete the online application process, please contact and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Everyone wants easier ways to pay;

we invent them.

Checkout lines are slow;

we speed them along.

Merchants want more sales;

we give them data and insights.

People need financial access;

we connect them.

Corporate purchasing is complicated;

we make it simple.

Commuters are busy;

we speed them on their way.

Governments need greater efficiencies;

we help create them.

Small businesses are virtual;

we give them access to a world of buyers.

Retailers want to fight fraud;

we provide the tools.

Requisition ID: R-75359