About the Company
Flo is the world27s #1 health app on a mission to build a better future for female health. Backed by a $200M investment led by General Atlantic, Flo reached a $1B valuation in 2024. With 6M paid subscribers and the highest-rated experience in the App Store27s health category, Flo has built trust at scale over 10 years. The company is now building the next generation of digital health 26ndash; AI-powered, privacy-first, clinically backed 26ndash; to help users understand their bodies better.
Job Overview
The Privacy Counsel role reports to the VP of Privacy and is part of a team of 5 focused on delivering Flo27s commitment to privacy by design and default. The legal and compliance team oversees Flo27s privacy program, regulatory compliance, contract management, and IP enforcement. The team is segmented into Privacy & Data Protection, Regulatory & Compliance, and Legal Services.
This role involves hands-on work in a product-led business, providing advice on data protection and privacy risk management and ensuring privacy is embedded throughout the product lifecycle and internal processes. The company has achieved ISO 27701 Privacy certification and launched an open source Anonymous Mode.
Key Responsibilities
Provide privacy and data protection advice to the business, including guidance on new product features.
Support team members on online advertising practices and AI technology advice.
Ensure data protection is incorporated into design, build, testing, and deployment stages across departments.
Conduct Data Protection Impact Assessments and mitigate privacy risks.
Contribute to the maintenance of the Information Security and Privacy Management System (ISPMS) processes.
Assist in creating and delivering staff training and Privacy Champion Network communications on privacy best practices.
Perform legal research on emerging privacy laws, regulations, and guidance, including horizon scanning for updates.
Ensure data protection and best practices are fully integrated into the compliance framework.
Explore privacy-enhancing technologies and support the implementation of new tooling from a privacy perspective.
Candidate Requirements
Must have:
- Qualified UK solicitor with 1-3 years post-qualification experience in privacy and data protection.
- Experience in technology companies, software product companies, or reputable law firms.
- Knowledge of global data protection laws, including US regulations.
- Practical experience in privacy by design and privacy risk management.
- Ability to explain legal topics in clear, simple, and actionable language.
- Familiarity with OneTrust, Miro, JIRA, and Confluence tools.
Nice to have:
- CIPP certifications (CIPP/E, CIPM, CIPT, CIPP/US, or others).
- Knowledge of agile methodologies.
- Experience in health tech, digital health, or digital wellness companies.
- Experience collaborating with software engineers, marketing teams, and product managers.
- Experience implementing AI tools to enhance legal team efficiency.
Work Environment and Benefits
Flo is a mission-led, product-driven team that moves fast, values craft, encourages debate and shared decisions, and cares about impact. The team supports resilience and commitment to better health outcomes.
Benefits include:
- Competitive salary with annual reviews
- Participation in Flo's performance incentive scheme
- Paid holiday, sick leave, and female health leave
- Enhanced parental leave and pay for various family types
- Professional growth opportunities and learning support
- Flexible office and home work options, including up to 2 months working abroad
- 5-week fully paid sabbatical after 5 years
- Flo Premium for friends and family, plus health, pension, and wellbeing perks
Flo values diversity, equity, and inclusion, hiring based on merit and skill without discrimination, and welcomes applicants from all backgrounds.