Privacy Program Manager

Toast is driven by building the all-in-one restaurant platform that helps restaurants operate their business, increase sales, engage guests, and keep employees happy. We’re seeking an experienced Privacy Program Manager to join Toast’s Legal & Compliance team who will play a pivotal role in shaping and maintaining a world-class privacy program. As part of the dynamic and collaborative Privacy team, you will lead efforts to operationalize privacy requirements across our global operations. This is an opportunity to work on challenging and meaningful projects that make a difference in how we safeguard data and uphold privacy principles within the products and services we offer (both B2B and B2C).

About this roll* (Responsibilities) 

• Global Privacy Program Management: Develop and maintain Toast's global privacy program, ensuring compliance with laws and best practices across the US, Canada, Europe, and the UK.
• Operational Compliance & Risk Mitigation: Translate privacy requirements into actionable processes, manage privacy risk registers, and conduct Data Protection Impact Assessments (DPIAs) in collaboration with cross-functional teams.
• Individual Rights & Incident Response: Manage individual rights requests, enhance response processes, and support investigations and remediation of privacy incidents and data breaches.
• Vendor & Contract Compliance: Partner with Commercial Legal and Procurement to ensure vendor contracts meet privacy obligations and standards, and help mature review processes.
• Training & Awareness & Data Governance: Develop and deliver privacy training programs, and collaborate on data governance frameworks for data classification and lifecycle management.
• Metrics & Reporting: Establish and track key performance indicators (KPIs) to measure program effectiveness and provide regular reports to leadership.

Do you have the right ingredients*? (Requirements)

• Bachelor's degree or equivalent. Privacy certifications (CIPP/E, CIPP/US, CIPM, etc.) are preferred but not mandatory.
• 5+ years of relevant privacy experience, with a strong understanding of global privacy regulations (GDPR, CCPA, PIPEDA, etc.). SaaS or tech industry experience preferred.
• Comprehensive knowledge of global privacy laws and the ability to apply them practically in a business setting.
• Ability to collaborate with technical teams on data flows, architectures, and system design, with familiarity in privacy-enhancing technologies.
• Strong project management skills, with the capacity to align privacy initiatives with business goals and manage multiple priorities.
• Excellent communication and interpersonal skills, with the ability to simplify complex concepts, and strong analytical and problem-solving skills with attention to detail.

Our Spread* of Total Rewards
We strive to provide competitive compensation and benefits programs that help to attract, retain, and motivate the best and brightest people in our industry. Our total rewards package goes beyond great earnings potential and provides the means to a healthy lifestyle with the flexibility to meet Toasters’ changing needs. Learn more about our benefits at https://careers.toasttab.com/toast-benefits.

#LI-DNI