Step into the exciting world of marketing as a Data Protection Officer. We are offering excellent benefits in a great environment, with opportunities to advance alongside some of the best leaders and talent within the marketing industry.


Response One is an insight-driven marketing agency backed by the power of the St Ives Group, specialising in delivering innovation alongside the highest standards of client service with a professional and co-operative approach to doing business.

Our work family is a group of brilliant people who inspire trust, respect and loyalty, and continually drive change. We prioritise collaboration, knowledge sharing and mentoring to bring out the very best in each other.

Together we celebrate our success, face challenges and live by our business vision and core values – Innovation, Collaboration, Commitment and Diligence.

St Ives PLC’s marketing services businesses Response One, Occam and Amaze One are an integrated proposition, focused around the four core areas of Media, Technology, CRM and Data Science. The group has the capability to support any stage of the customer lifecycle and offers clients the rare opportunity to have a single agency to seamlessly handle everything from media planning to customer retention.


As Data Protection Officer, you will have responsibility for the management of Data Protection compliance with the relative legislative requirements including, but not limited to, those of the EU Data Protection Directive, GDPR and the UK Data Protection Act 1998.


Based in Bath (BA2 3LR), but will include travel across the UK


key responsibilities will include, but are not limited to:

  • Manage compliance reviews within the group of companies and develop action plans for appropriate areas.
  • Devise, implement and monitor policies that comply with legislation and amend as appropriate subject to changes in legislation.
  • Ensuring that requests from data subjects are dealt with promptly and in compliance with current privacy law.
  • Managing periodic audits of data protection compliance within the company and identifying actions necessary for remediation.
  • Responding to all privacy/confidentiality matters related to the privacy framework asked by external regulators, auditors and clients.
  • Providing appropriate advice and interpretation of the provisions of the Act as they impact the company’s activities in general and/or specific functions across all service lines and business units.
  • Maintaining the general data protection training programme within the company and delivering ad-hoc awareness and in-depth training as necessary.
  • Ensuring that the company’s notifications to the Information Commissioner are maintained and up to date and accurate.
  • Keep Directors up to date regarding their obligations under legislation.


Understanding of the European General Data Protection Regulation (GDPR)

  • Values and drives compliance
  • Proven ability to establish and maintain a high degree of confidentiality, respect, trust and credibility
  • Knowledge of cybersecurity risks and other information security standards
  • Qualification in Data Protection or GDPR is desirable

 Please click here for a full job description and details of how to apply.