Director of Data Privacy

Overview

ARB Interactive, Inc. (ARB) is seeking a Director of Data Privacy, who will act as the Data Privacy Officer (DPO) for ARB. The Director of Data Privacy/DPO will develop, lead and oversee our data privacy compliance operation and relevant teams and personnel responsible for building out and managing operational processes and programs that require compliance with various countries’ and states’ data privacy laws. This role is directly responsible for representing the Data Privacy compliance program during virtual and onsite audits from global regulatory bodies, financial institutions, attorney general offices and other governmental agencies.

The Director of Data Privacy/DPO will be responsible for developing, implementing, and maintaining the company’s data protection and privacy program in alignment with applicable laws and regulatory requirements, including but not limited to GDPR, CCPA, and gaming-specific regulations. This role will oversee the collection, processing, storage, and sharing of personal and financial data for players, employees, and partners, ensuring that all data handling practices are transparent, secure, and compliant. The Director of Data Privacy/DPO will conduct data protection impact assessments (DPIAs), manage records of processing activities, monitor third-party vendor compliance, and establish policies and procedures that reflect industry best practices in cybersecurity and responsible gaming environments.

In addition, the DPO will serve as the primary point of contact for regulators, supervisory authorities, and internal stakeholders on all matters related to data privacy and protection. The role includes leading incident response efforts related to data breaches, coordinating required notifications, and delivering privacy training and awareness programs across the organization. The DPO will advise leadership on privacy-by-design principles in product development, marketing initiatives, and platform enhancements, helping the company balance innovation with regulatory compliance and user trust.

Key Responsibilities

This position will establish the foundation for ARB data privacy protections, policies and procedures, working with a team of executives to grow, develop, and innovate ARB’s best-in-class product offerings. Reporting to ARB’s General Counsel, this Director of Data Privacy role will focus on ensuring ARB’s compliance with various countries and states data privacy laws, while educating and advising ARB’s management team and front-line personnel on data privacy protections, including:

• Lead and manage the company’s data privacy and protection program for a fast-growing online social casino and social plus gaming platform.
• Ensure compliance with GDPR, CCPA/CPRA, and applicable gaming regulatory requirements across all jurisdictions.
• Demonstrate familiarity with California Invasion of Privacy (CIPA) and Illinois Biometric Information Privacy Act (BIPA) claims and corresponding litigation.
• Oversee lawful collection, processing, storage, and transfer of player and financial data, including KYC, AML, and geolocation information.
• Embed privacy-by-design principles into product development, payments, marketing, analytics, and platform integrations.
• Serve as the primary liaison with regulators and data protection authorities.
• Lead data breach response, regulatory notifications, and incident documentation.
• Oversee third-party vendor privacy compliance (payment processors, game providers, cloud, affiliates).
• Manage consumer data rights requests and maintain data processing records and DPIAs.
• Partner with Product, Technology, Cyber Security, Compliance, and Legal teams to mitigate privacy risk and support responsible gaming initiatives.
• Monitor evolving privacy and gaming regulations and advise leadership on risk and compliance strategy.

Requirements

• J.D. required.
• Minimum of 8 years of data privacy compliance experience with prior background in gaming (casino, sports, iGaming or social casino) or online businesses preferred.
• Experience influencing and collaborating with a broad set of senior stakeholders.
• Excellent analytical skills with a keen attention to detail.
• Proven ability to communicate complex compliance issues clearly and effectively.
• Strong organizational skills and the ability to manage multiple projects simultaneously.
• Passion for being part of a team and a desire to work hard in a fast-paced, start-up environment.

Diversity Commitment

ARB Interactive is focused on building a diverse and inclusive team. We welcome people of all backgrounds, experiences, abilities, and perspectives and are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Important Security Notice

Our recruitment team will only contact candidates through official channels using @arbinteractive.com email addresses and via our recruiting platform, Ashby. If you find a position on a third party careers page (LinkedIn, Indeed, etc.), the job posting will redirect you to our careers page (https://jobs.ashbyhq.com/arb-interactive) to begin your application. We will never request payment, banking information, or personal identification details during the application process.

If you're ever uncertain about the legitimacy of communication claiming to be from our company, please forward it to recruiting@arbinteractive.com for verification before responding or clicking any links.

Key Skills/Competency

• Data Privacy Compliance
• GDPR
• CCPA/CPRA
• Gaming Regulations
• Data Protection Officer (DPO)
• Incident Response Management
• Privacy by Design
• Vendor Compliance
• DPIA (Data Protection Impact Assessments)
• Legal Counsel (Privacy)