Location: Malta or UK (London)

Department: Legal/Compliance

Since 2006, NetBet has delivered the ultimate online casino and sportsbook experience for its players across the globe. Alongside sports betting and casinos, players also enjoy Lotto, Live Casino, and poker products. With access to multiple languages across all its registered markets, thousands of industry-leading casino games, and daily sports events, NetBet has evolved into one of the world’s favourite online gaming brands. NetBet provides users with a friendly environment, total security, and reliable navigation. Its features are recognised by flagship organisations specialising in regulating and controlling online gaming sites. To enrich player trust and protection, NetBet has several gaming licences from across the world, including MGA, UK, Germany, Denmark, Greece, France, Romania, and Italy. This ensures that NetBet operates in line with the rules and regulations of each jurisdiction and that players receive the best possible service.

Why Work With Us?

As a global leader in the gaming industry, NetBet combines cutting-edge technology with a fun, supportive, and inclusive culture. We’re proud to be a place where people from all backgrounds can collaborate and succeed together. With offices around the world and a commitment to hybrid working, we offer flexible options that fit your lifestyle.

Job Objective:

The responsibilities of this role are to lead and manage NetBet Group’s Data Protection function across all jurisdictions of operation (currently UK, Italy, Romania, Greece, Malta (MGA), Denmark, Germany) while also providing day‑to‑day legal support. The LDPO ensures compliance with GDPR/UK GDPR, ePrivacy and national laws, oversees privacy governance, DPIAs, vendor due diligence, breach management, and provides general legal guidance on regulatory matters. The role works closely with the Head of Compliance and other stakeholders to support the business with practical, business‑focused legal and privacy advice.

Key Responsibilities:

Governance & Advisory:

• Own the Group Privacy Framework (policies, standards, controls) covering web, mobile, retail, PAM/CRM, payments, marketing, affiliates and suppliers.
• Working with key internal stakeholders in the review of projects and related data to ensure compliance with local data privacy laws, and where necessary, complete and advise on privacy impact assessments.
• Maintain Register of Processing Activities (ROPA) and lawful bases; embed privacy by design in product, marketing and analytics workflows.
• Provide pragmatic legal and compliance guidance to management and business teams, ensuring that strategic decisions, policies, and commercial activities are aligned with applicable laws, licensing requirements, and data protection obligations
• Assist in drafting and maintaining standard legal templates (NDAs, service agreements, partnership terms) to ensure consistency and risk control.
• Define annual privacy plan, KPIs and risk appetite, report quarterly to BoD and coordinate with Internal Audit.
• Monitoring changes to local and European privacy laws and making recommendations when appropriate.
• Assisting the Compliance Officers to manage risk and also introduce appropriate policies and procedures to protect the Players’ Data and the Company.
• Ensuring that the Company’s IT systems and procedures comply with all relevant data privacy and protection law, regulation and policy (including in relation to the retention and destruction of data).
• Be required to hold the Legal and Key Privacy position with MGA and if required other regulators.
• The role also extends to two affiliated service providers that are part and parcel of NetBet, ensuring their operations remain aligned with the Group’s data protection framework and obligations.

Regulatory Engagement:

• Serve as the primary contact for supervisory authorities and data subjects; manage notifications of DPO details in each jurisdiction.
• Working with designated privacy law attorneys across the Company’s offices and, where necessary, outside counsel to help advise on local data privacy law issues.
• Promoting effective work practices, working as a team member, and showing respect for co-workers
• Handle any legal matters that may arise from time to time that are within the employee’s sphere of expertise including the review of legal documents and service provider agreements

Training and Awareness:

• Deliver role-based Data Protection training across the Group.
• Ensure employees are equipped with the knowledge required to meet regulatory obligations and internal standards.
• Run control monitoring, thematic reviews and audits, track remediation to closure.

Skills and Qualifications:

• Degree in Law, or related; and/or advanced privacy certifications (CIPP/E, CIPM/CIPT, BCS/PC.dp, IAPP Fellow).
• 4+ years in privacy/data protection.
• Experience on leading privacy in online gambling is highly desirable.
• Experience providing pragmatic legal guidance on contracts, onboarding of suppliers/partners, and regulatory queries.
• Demonstrated cross‑border GDPR/UK GDPR experience and engagement with supervisory authorities.
• Proven independence and board‑facing communication; ability to influence senior stakeholders and product/engineering teams.
• Fluent English; additional languages (Italian, Greek, Romanian considered a plus).

Behavioural Skills:

• Exceptional leadership and people management capabilities.
• Outstanding communication skills, with the ability to interact credibly with regulators, executives, and operational teams.
• High integrity, discretion, and professionalism.

What We Offer:
NetBet recognises the value of exceptional talent and rewards it accordingly. As a NetBet employee, you will receive (applicable to Malta-based candidates):

• Hybrid working (2 days in office/ 3 days remote)
• Private Health Insurance (after successful probation)
• Employee Wellbeing
• Learning and Development Programmes
• Staff social engagement activities

Commitment to Diversity:
NetBet is dedicated to equality of opportunity for all staff. Applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief, and marriage or civil partnerships.

Personal data is processed in accordance with EU GDPR. CVs are retained for 12 months, and we may contact you regarding other suitable roles during this period.