Sr. Privacy Program Specialist

HighLevel is an AI powered, all-in-one white-label sales & marketing platform that empowers agencies, entrepreneurs, and businesses to elevate their digital presence and drive growth. We are proud to support a global and growing community of over 2 million businesses, comprised of agencies, consultants, and businesses of all sizes and industries. HighLevel empowers users  with all the tools needed to capture, nurture, and close new leads into repeat customers. As of mid 2025, HighLevel processes over 4 billion API hits and handles more than 2.5 billion message events every day. Our platform manages over 470 terabytes of data distributed across five databases, operates with a network of over 250 microservices, and supports over 1 million hostnames.

 

With over 1,500 team members across 15+ countries, we operate in a global, remote-first environment. We are building more than software; we are building a global community rooted in creativity, collaboration, and impact. We take pride in cultivating a culture where innovation thrives, ideas are celebrated, and people come first, no matter where they call home.

 

As of mid 2025, our platform powers over 1.5 billion messages, helps generate over 200 million leads, and facilitates over 20 million conversations for the more than 1 million businesses we serve each month. Behind those numbers are real people growing their companies, connecting with customers, and making their mark - and we get to help make that happen.

 

HighLevel is an all-in-one sales and marketing platform serving over 60,000 customers across 140 countries. We help marketing agencies, entrepreneurs, and small businesses capture leads, nurture customer relationships, and close deals. As we scale, we need a Sr. Privacy Program Specialist to run and continuously improve our privacy compliance operations.

You will take ownership of our existing privacy program: managing data subject rights requests, conducting privacy assessments, coordinating DPA reviews, overseeing our consent management platform, and keeping tracking technologies in check. When new privacy regulations emerge, you'll assess what HighLevel needs to do and work with the legal team to make it happen.

The right candidate is operationally minded, detail-oriented, and always looking for ways to make processes more efficient. You should be comfortable managing multiple workstreams, coordinating across teams, and building systems that scale without constant oversight.

What You’ll Be Doing:

Privacy Program Operations

• Own the day-to-day operation of HighLevel's privacy program, ensuring compliance processes run smoothly and efficiently
• Manage and optimize our consent management platform, ensuring it accurately reflects HighLevel's data practices and regulatory requirements
• Build and maintain privacy program documentation, including records of processing activities, data inventories, and compliance evidence
• Monitor for new privacy regulations and assess their impact on HighLevel, working with legal counsel to determine necessary changes
• Track regulatory deadlines, certification renewals, and compliance milestones

Data Subject Rights Requests

• Own the end-to-end data subject rights request (DSR) process, from intake through fulfillment and response
• Build and refine DSR workflows to improve response times, reduce manual effort, and ensure consistent handling
• Coordinate with engineering and product teams to fulfill complex requests requiring technical data retrieval
• Maintain DSR metrics and reporting to demonstrate compliance and identify process improvements

Privacy Assessments

• Own the operational workflow for Data Protection Impact Assessments (DPIAs) and Privacy Impact Assessments (PIAs), creating and managing the end-to-end process from intake through completion. 
• Develop and maintain assessment templates, intake processes, and taking systems that enable assessments to scale without bottlenecks. 
• Work with product and engineering teams to gather necessary information and document privacy considerations
• Track assessment findings and ensure remediation items are addressed

DPA Management & Vendor Privacy

• Coordinate DPA reviews with commercial counsel, managing the intake, tracking, and completion of data processing agreements
• Maintain DPA templates and clause libraries, flagging deviations for legal review
• Support vendor privacy assessments, ensuring third parties meet Hi