Privacy Counsel, Americas

WHO WE ARE At Trustly, we're building a smarter, faster, and more secure financial future by revolutionizing the world of payments. As a global leader in Open Banking Payments, we are establishing Pay by Bank as the new standard at checkout, providing unparalleled freedom, speed, and ease to millions of consumers and merchants worldwide. Our Ambition: To build the world’s most disruptive payment network and redefine what the payment experience should feel like. Trustly is a global team of innovators, collaborators, and doers.  If you are driven by a strong sense of purpose and thrive in a dynamic, entrepreneurial, and high-growth environment, join us and be part of a team that’s transforming the way the world pays. ABOUT THE ROLE We are seeking an experienced Privacy Counsel to join our globalLegal, Compliance & Risk team at an exciting period in Trustly's growth. Reporting directly to the Global Head of Privacy & DPO, you will support the implementation and adaptation of Trustly's global privacy framework across the Americas (US, Brazil and Canada), advise on data protection matters, and ensure compliance with the highest privacy standards. Working closely with Product, Engineering, Marketing and Compliance teams, you will embed privacy by design throughout the organisation. This role requires strong expertise in US privacy laws and regulations with proven experience advising on cross-border data transfers. The ideal candidate will be a strategic thinker with practical problem-solving abilities, who thrives on partnering closely with business teams to navigate the complex and rapidly evolving privacy landscape. Applications for this role are accepted on an ongoing basis. SALARY RANGES IN US-BASED ROLE POSTING Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Recruiters can share more information with applicants about the specific salary range for preferred locations during the hiring process. Please note that the compensation details listed in US role postings reflect the base salary only and do not include other perks and benefits. WHAT WE OFFER At Trustly, you’ll have the chance to solve meaningful challenges alongside some of the brightest minds in FinTech. Together, we’re shaping the future of payments in an environment that celebrates curiosity, collaboration, and innovation. You'll be challenged and empowered to grow, making a real impact every step of the way. Our team is as diverse as the global footprint we serve, with colleagues across Silicon Valley, the U.S., Canada, Brazil, Europe, and beyond. At Trustly, we foster a workplace where everyone feels they belong—a place where teamwork thrives, ideas flourish, and we never forget to have fun along the way. We offer innovative perks and benefits packages that include: - Flexible paid time off & generous PTO accrual plans - Comprehensive medical, dental, vision, and other insurances - FSA & HSA plans for medical and dependent care - Home office set-up allowance - Internet stipend - Retirement plan match for 401k and RRSP - Gender-neutral paid parental leave, and more! (The benefits and total compensation packages outlined above are for full-time employees; some exclusions apply for temporary positions.) At Trustly, we embrace and celebrate diversity of all forms and the value it brings to our employees and customers. We are proud and committed to being an Equal Opportunity Employer and believe an open and inclusive environment enables people to do their best work.  All decisions regarding hiring, advancement, and any other aspects of employment are made solely on the basis of qualifications, merit, and business need. WHAT YOU'LL DO Support the execution of Trustly's privacy strategy for the Americas region, ensuring compliance with US federal and state privacy laws (including CCPA/CPRA, applicable state privacy laws, and federal sector-specific regulations such as GLBA and FCRA), Canadian privacy laws (including PIPEDA and Quebec Law 25), and Brazilian privacy law (LGPD); Conduct privacy impact assessments for new products, services, features, and business initiatives. Provide practical, business-focused legal advice on privacy matters to internal stakeholders. Advise on data subject rights requests (including rights to access, opt out etc). Support privacy breach preparedness and incident response efforts for the Americas region, including contributing to incident response plans, coordinating breach investigations, and managing notifications to supervisory authorities and communications to data subjects. Advise on and support the negotiation of data processing agreements, data transfer mechanisms (including standard contractual clauses, adequacy decisions, and other transfer tools), and privacy terms with vendors, partners, and customers. Monitor legislative and regulatory developments affecting privacy and data protection in the Americas, including tracking US federal and state developments, providing timely analysis and recommendations to senior leadership. Collaborate closely with the global Privacy & DPO team to ensure alignment on privacy strategies, share best practices, and coordinate cross-regional privacy initiatives. Develop and maintain privacy documentation, including records of processing activities, legal advice notes and privacy compliance registers. Support privacy-related audits, assessments, and due diligence activities. WHO YOU ARE Juris Doctor (JD) degree from an accredited law school and active bar admission in at least one US jurisdiction. Minimum of 3-5 years of experience as a privacy attorney (including demonstrated experience advising on GLBA, CCPA, and state data protection laws). Demonstrated experience in the FinTech or the payment services sector, with knowledge of the unique privacy challenges and regulatory landscape affecting payments and financial technology companies would be a bonus. Experience working as part of a global privacy team, with proven ability to collaborate effectively across multiple jurisdictions and time zones. Demonstrated experience handling data subject rights requests and data disclosure requests from law enforcement authorities. Strong knowledge of US privacy laws such as CCPA/CPRA, all major state privacy laws, and federal sector-specific regulations such as GLBA and FCRA. Some familiarity with Canadian privacy laws (including PIPEDA and provincial privacy laws such as Quebec Law 25) and Brazilian privacy law (LGPD), sufficient to identify relevant issues and support engagement with local counsel where needed. Experience advising on cross-border data transfers, including standard contractual clauses, adequacy decisions, and other transfer mechanisms. Relevant professional privacy certifications (e.g., CIPP/US, CIPM, CIPT) are highly desirable. Strong interpersonal and communication skills and the ability to explain complex legal issues in simple terms. Entrepreneurial and creative by nature, with a bias for action. Strong legal drafting skills, with experience developing privacy policies, notices, consent mechanisms, data processing agreements, and controller-processor agreements. Strong project management skills and ability to manage multiple complex privacy initiatives simultaneously. Proven ability to provide practical, business-oriented privacy advice that balances legal compliance with business objectives. Experience managing data breach incidents, including regulatory notifications to supervisory authorities and communications with affected data subjects. Strong analytical and problem-solving skills, with the ability to assess privacy risks and develop pragmatic solutions. Willingness to work flexible hours to collaborate with global privacy team members across different time zones

{
  "content_hash": "aa95e131a1acaa7ceccb862f234acf6c145ae67734ba0c5126a062bf8e4bca06",
  "source_hash": "d668a208fe06c35d644bd881a6038192d7c01cb2402dd5172512782839ac1526",
  "last_changed_at": "2026-06-18T07:56:43.885Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "New York, NY",
    "city": "New York",
    "region": "NY",
    "country": "United States",
    "is_remote": false,
    "confidence": 0.9
  },
  "salary_max": 240000,
  "salary_min": 140000,
  "inferred_at": "2026-06-18T07:56:43.844Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "New York, NY",
      "city": "New York",
      "region": "NY",
      "country": "United States",
      "is_remote": false,
      "confidence": 0.9
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": "hybrid",
  "salary_period": "year",
  "workplace_type": "hybrid",
  "salary_currency": "USD"
}

{}

{
  "lists": [
    {
      "text": "WHAT YOU'LL DO",
      "content": "<div>\n\n<li>\n<p>Support the execution of Trustly's privacy strategy for the Americas region, ensuring compliance with US federal and state privacy laws (including CCPA/CPRA, applicable state privacy laws, and federal sector-specific regulations such as GLBA and FCRA), Canadian privacy laws (including PIPEDA and Quebec Law 25), and Brazilian privacy law (LGPD);</p>\n</li>\n<li>\n<p>Conduct privacy impact assessments for new products, services, features, and business initiatives.</p>\n</li>\n<li>\n<p>Provide practical, business-focused legal advice on privacy matters to internal stakeholders.</p>\n</li>\n<li>\n<p>Advise on data subject rights requests (including rights to access, opt out etc).</p>\n</li>\n<li>\n<p>Support privacy breach preparedness and incident response efforts for the Americas region, including contributing to incident response plans, coordinating breach investigations, and managing notifications to supervisory authorities and communications to data subjects.</p>\n</li>\n<li>\n<p>Advise on and support the negotiation of data processing agreements, data transfer mechanisms (including standard contractual clauses, adequacy decisions, and other transfer tools), and privacy terms with vendors, partners, and customers.</p>\n</li>\n<li>\n<p>Monitor legislative and regulatory developments affecting privacy and data protection in the Americas, including tracking US federal and state developments, providing timely analysis and recommendations to senior leadership.</p>\n</li>\n<li>\n<p>Collaborate closely with the global Privacy &amp; DPO team to ensure alignment on privacy strategies, share best practices, and coordinate cross-regional privacy initiatives.</p>\n</li>\n<li>\n<p>Develop and maintain privacy documentation, including records of processing activities, legal advice notes and privacy compliance registers.</p>\n</li>\n<li>\n<p>Support privacy-related audits, assessments, and due diligence activities.</p>\n</li>\n\n</div>"
    },
    {
      "text": "WHO YOU ARE",
      "content": "<div>\n\n<li>\n<p>Juris Doctor (JD) degree from an accredited law school and active bar admission in at least one US jurisdiction.</p>\n</li>\n<li>\n<p>Minimum of 3-5 years of experience as a privacy attorney (including demonstrated experience advising on GLBA, CCPA, and state data protection laws).</p>\n</li>\n<li>\n<p>Demonstrated experience in the FinTech or the payment services sector, with knowledge of the unique privacy challenges and regulatory landscape affecting payments and financial technology companies would be a bonus.</p>\n</li>\n<li>\n<p>Experience working as part of a global privacy team, with proven ability to collaborate effectively across multiple jurisdictions and time zones.</p>\n</li>\n<li>\n<p>Demonstrated experience handling data subject rights requests and data disclosure requests from law enforcement authorities.</p>\n</li>\n<li>\n<p>Strong knowledge of US privacy laws such as CCPA/CPRA, all major state privacy laws, and federal sector-specific regulations such as GLBA and FCRA.</p>\n</li>\n<li>\n<p>Some familiarity with Canadian privacy laws (including PIPEDA and provincial privacy laws such as Quebec Law 25) and Brazilian privacy law (LGPD), sufficient to identify relevant issues and support engagement with local counsel where needed.</p>\n</li>\n<li>\n<p>Experience advising on cross-border data transfers, including standard contractual clauses, adequacy decisions, and other transfer mechanisms.</p>\n</li>\n<li>\n<p>Relevant professional privacy certifications (e.g., CIPP/US, CIPM, CIPT) are highly desirable.</p>\n</li>\n<li>\n<p>Strong interpersonal and communication skills and the ability to explain complex legal issues in simple terms.</p>\n</li>\n<li>\n<p>Entrepreneurial and creative by nature, with a bias for action.</p>\n</li>\n<li>\n<p>Strong legal drafting skills, with experience developing privacy policies, notices, consent mechanisms, data processing agreements, and controller-processor agreements.</p>\n</li>\n<li>\n<p>Strong project management skills and ability to manage multiple complex privacy initiatives simultaneously.</p>\n</li>\n<li>\n<p>Proven ability to provide practical, business-oriented privacy advice that balances legal compliance with business objectives.</p>\n</li>\n<li>\n<p>Experience managing data breach incidents, including regulatory notifications to supervisory authorities and communications with affected data subjects.</p>\n</li>\n<li>\n<p>Strong analytical and problem-solving skills, with the ability to assess privacy risks and develop pragmatic solutions.</p>\n</li>\n<li>\n<p>Willingness to work flexible hours to collaborate with global privacy team members across different time zones</p>\n</li>\n\n</div>"
    }
  ],
  "country": "US",
  "createdAt": 1778768527042,
  "updatedAt": null,
  "categories": {
    "team": "Privacy & DPO",
    "location": "New York, NY",
    "commitment": "Full-time",
    "department": "Legal",
    "allLocations": [
      "New York, NY"
    ]
  },
  "salaryRange": {
    "max": 240000,
    "min": 140000,
    "currency": "USD",
    "interval": "per-year-salary"
  },
  "workplaceType": "hybrid"
}