Dir, Privacy Counsel (Hybrid)

Description:

Overall Job Summary
This position is primarily responsible for providing legal counsel and strategic guidance on privacy and data protection matters, ensuring the company's compliance with applicable U.S. privacy laws and regulations (including CCPA, CPRA, HIPAA, etc.). Key duties include developing and implementing privacy policies and training, negotiating data privacy agreements and commercial contracting, and advising on privacy issues in commercial initiatives. The role will collaborate closely with cross-functional teams to integrate privacy best practices into business operations and will work with the privacy team in addressing complex privacy inquiries and compliance strategies.

Essential Duties and Responsibilities (Min 5%)

• Provide expert legal counsel and day-to-day advice to the business on privacy and data protection compliance, ensuring adherence to U.S. federal and state privacy laws (e.g. CCPA, CPRA, HIPAA) and company policies.
• Develop, implement, and maintain the company's privacy policies, procedures, and training programs in coordination with the Privacy team (Technology) to promote enterprise-wide compliance and awareness.
• Draft, review, and negotiate data privacy and security provisions in commercial contracts, including Data Processing Agreements (DPAs) and third-party data sharing agreements, to protect the company's interests and ensure regulatory compliance.
• Advise internal stakeholders (including IT, Digital, Marketing, HR, and Operations teams) on privacy issues related to new projects, initiatives, and technologies – helping to identify potential risks and recommend compliant solutions that align with business objectives.
• Monitor and stay up-to-date on evolving privacy and data protection laws and regulations (domestic and international). Proactively communicate legislative or regulatory changes to relevant business partners and recommend necessary operational or policy adjustments.
• Provide guidance to the Privacy team in managing day-to-day compliance tasks and complex privacy inquiries. Support team members in interpreting privacy requirements and implementing best practices.
• Collaborate with management and other legal colleagues on overarching data protection strategy, governance initiatives, and privacy compliance projects to ensure a cohesive approach to privacy issues.
• Coordinate and oversee responses to Data Subject Access Requests (DSARs) in partnership with the Privacy team.
• Build and strengthen relationships with other individuals and groups within TSC to ensure that the Legal department is viewed as an effective and trusted business partner.
• Help manage outside counsel or privacy consultants as needed for specialized advice, regulatory guidance, or to support investigations and compliance efforts in the privacy domain.
• Support the Legal Department on other commercial or technology transactions and projects as requested, particularly those involving significant privacy or data security considerations.

Required Qualifications:
Experience: 7 to 10+ years of relevant legal experience in privacy and data protection law (gained in a law firm, in-house legal department, and/or regulatory agency). Must have hands-on experience advising on U.S. privacy laws such as CCPA, CPRA, and HIPAA. Experience drafting and negotiating commercial agreements containing data privacy terms (including Data Processing Agreements and third-party data sharing contracts) is required. Experience in the retail industry is strongly preferred. Exposure to international privacy frameworks or Canadian privacy law (e.g. PIPEDA) is a plus.

Education: Juris Doctor (J.D.) from an accredited law school. Admission to practice law and current good standing status in the state of Tennessee, or admission to practice and good standing in another state with the ability to obtain Tennessee in-house counsel registration (per applicable rules). Any suitable combination of education and experience will be considered.

Professional Certification: CIPP/US Privacy Certification or other similar certification a major plus.

Preferred knowledge, skills or abilities

• Deep knowledge of U.S. privacy and data protection regulations, with the ability to interpret and apply laws in a business context.
• Excellent contract drafting and negotiation skills, particularly related to data protection agreements and privacy clauses.
• Strong analytical and problem-solving abilities to assess legal risks in complex scenarios and develop practical solutions.
• Outstanding communication and presentation skills, including the ability to explain complex legal concepts in clear terms to non-legal stakeholders.
• High level of professional integrity, discretion, and commitment to maintaining confidentiality and trust.
• Demonstrated ability to work collaboratively across departments (e.g. IT, Security, Compliance, Marketing) and to lead cross-functional privacy initiatives.
• Effective project management and organizational skills to handle multiple priorities and deadlines.
• Proficiency in using standard business and legal software (e.g. Microsoft Office Suite); familiarity with privacy program management tools or technologies is a plus.

Working Conditions:

• Hybrid / Flexible working conditions
• Occasional travel required

Physical Requirements:

• Sitting
• Standing (not walking)
• Walking
• Lifting up to 10 pounds

Disclaimer:
This job description represents an overview of the responsibilities for the above-mentioned position. It is not intended to represent a comprehensive list of responsibilities. A team member should perform all duties as assigned by his/ her supervisor.

Company Info
At Tractor Supply and Petsense by Tractor Supply, our Team Members are the heart of our success. Their dedication, passion, and hard work drive everything we do, and we are committed to supporting them with a comprehensive and accessible total reward package. We understand the evolving needs of our Team Members and their families, and we strive to offer meaningful, competitive, and sustainable benefits that support their well-being today and in the future.

---