Associate Paralegal, Privacy

About The Position

Requirements

• Experience working in privacy compliance, data protection, or legal operations in a technology, software, or similarly regulated environment.
• Foundational understanding of global privacy laws and frameworks, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
• Familiarity with privacy management tools or platforms, with an interest in learning systems like OneTrust or similar solutions.
• Understanding of basic data security concepts and how they connect to privacy obligations and risk management.
• Ability to interpret and follow detailed playbooks and procedures with consistency and accuracy.
• Strong attention to detail and organizational skills to track and manage multiple privacy-related tasks, requests, and deadlines.
• Clear written and verbal communication skills to explain privacy concepts and collaborate with Legal, Security, Engineering, and other cross-functional teams.
• Openness to learning, with readiness to apply transferable skills from related legal, compliance, or operations roles and contribute in a distributed, asynchronous environment.

Responsibilities

• Collaborate with support engineers to draft clear, consistent responses to non-standard data subject requests under the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other privacy regulations.
• Manage and coordinate responses to government and law enforcement requests for data, ensuring timely, accurate, and compliant production in line with GitLab’s policies.
• Review vendor data processing agreements to identify privacy and data protection issues, and escalate discrepancies against GitLab’s privacy playbook and standards.
• Follow established privacy playbooks and procedures to support compliance activities and ensure consistent handling of requests and reviews.
• Monitor developments in global privacy laws and regulations and help update internal processes, guidance, and templates as needed.
• Partner with Legal, Security, Engineering, and other cross-functional teams to integrate privacy requirements into business operations and product workflows.
• Maintain organized, detailed records of privacy-related activities, including requests, reviews, and decisions, and support internal audits or assessments.

Benefits

• Benefits to support your health, finances, and well-being
• Flexible Paid Time Off
• Team Member Resource Groups
• Equity Compensation & Employee Stock Purchase Plan
• Growth and Development Fund
• Parental leave
• Home office support