AI and Privacy Counsel

• own the legal side of how global AI regulation and data protection flows through Sabio's commercial relationships; customer contracts, partner and reseller agreements, supplier and model-provider terms.  
• be a key legal voice on EU AI Act readiness and implementation, ISO 42001 alignment, and the broader regulatory landscape shaping how we deliver AI to clients while meeting our regulatory obligations.  

Key Responsibilities

• Draft, review and negotiate AI-specific terms in:  
  • customer contractssuch as IP ownership of inputs/outputs, training data rights, model use restrictions, acceptable use, liability and indemnity positions, performance and uptime, data residency, sub-processing, exit and transition. 
  • partner, reseller and channel agreements, including with hyperscalers and AI platforms (Microsoft, Google, Anthropic, OpenAI, Cognigy and others), understanding the commercial and legal nuances of each provider's terms. You will be responsible for clarifying responsibilities, flow-down obligations to customers and risk allocation across the value chain for these suppliers.  
• Continued development and maintenance of Sabio's AI contracting playbook, including standard clauses, fallback positions, negotiation guidance and risk-tiered approval matrices. 
• Support French and/or Spanish commercial contracting during high-volume periods to deliver increased sales bookings.  

• Act as the legal lead on EU AI Act obligations. This includes advising on risk classification of solutions, provider/deployer responsibilities, transparency, due diligence, CE marking and registration, post-market monitoring and incident reporting. 
• Partner with the AI Compliance & Governance Specialist on ISO 42001 roadmap, evidencing legal controls, and aligning contractual commitments with operational reality. 
• Track and translate emerging AI regulation across our operating jurisdictions (UK, EU, Spain, France, South Africa) into actionable legal guidance and policy updates. 
• Advise on intersections with data protection legislation, IP law, consumer protection and sector-specific regimes where they touch AI. 

• Advise onintellectual property in AI contexts, including use of third-party content, use of training data, ownership and licensing of models, prompts, fine-tunes, embeddings, datasets and generated outputs. 
• Work with the AI Compliance & Governance Specialist on AI risk assessments.  
• Work with information security on data protection impact assessments. 
• Advise on and execute Data Subject Request responses.  
• Advise on international data transfers, related transfer impact assessments and ongoing data protection obligations. 

• Support customer audits, regulator engagement and certification bodies on legal and contractual matters. 
• Lead the legal response to AI and data related incidents, complaints or disputes, coordinating response across information security, operations and customer teams. 

• Run training and clinics that lift legal and contracting literacy across sales, delivery, AI and partnership teams. 
• Bring people together across geographies and disciplines to land negotiation positions and unblock deals. 
• Produce high-quality written content — playbook entries, position papers, customer-facing legal materials, internal briefings. 

Skills Knowledge and Expertise

• Qualified lawyer in a relevant jurisdiction (UK solicitor, Spanish abogado, French avocat or equivalent).  
• Able to work autonomously (3-5 years PQE).   
• Fluent in English and either French or Spanish. Working proficiency in all three is a strong advantage. 
• Demonstrable experience drafting and negotiating technology, software, SaaS or services contracts in a B2B / enterprise setting, including AI-specific terms and closely adjacent ones (data protection, DORA, EBA). 
• Strong working knowledge of  
• the EU AI Act and a clear understanding of how risk classification, obligations and timelines translate into contractual and legal positions. 
• TheGDPR, as well as local data protection laws such as LOPDGDD/Loi Sapin II/UK GDPR, Data Use and Access, etc. (depending on location).  
• Awareness of AI-specific risks and how to allocate them contractually. 
• Understanding of core principles of modern AI to allow you to negotiate credibly with technical counterparts and write contractual language that reflects how AI systems behave. 
• Hands-on experience using AI tooling for professional purposes, such as using AI co-work / copilots to draft, review, redline, analyse and accelerate your own output. 
• Familiarity withISO/IEC 42001, ISO/IEC 27001 and SOC 2 Type II at the level needed to align contracts and customer commitments to certification posture. 
• Excellent written and verbal communication. Able to draft a precise contractual clause, run a negotiation, brief a customer's counsel and write a relevant internal note. 
• Ability to run meetings, bring groups together and drive outcomes across geographically dispersed teams and different business functions. You are comfortable in a high-pace, multi-stakeholder environment. You are motivated and able to build effective working relationships across cultures and time zones. 
• A passion for raising the bar in others. You will deliver training and coaching, enabling and growing legal/commercial literacy across the organisation. 

• In-house experience in a technology, SaaS, AI, contact-centre or consulting business. 
• Direct experience negotiating with hyperscalers and AI platforms (Microsoft, Google, AWS, Anthropic, OpenAI, Cognigy and similar). 
• Experience supporting customer audits, working with certification bodies and managing regulator engagement on legal matters.  
• Exposure to IP licensing, open-source compliance or content rights. 
• Familiarity with Microsoft Copilot, Microsoft Cowork and the broader Microsoft AI ecosystem. 

• Prior career stage in private practice technology / commercial / data / regulatory team(s) before moving in-house. 
• Familiarity with NIST AI RMF, UK AI regulatory developments, or sector-specific AI guidance (financial services, healthcare, public sector). 
• A track record of writing articles or giving talks on AI law, responsible AI, data protection or technology contracts. 

• Spain - able to travel easily to Madrid 
• France - able to travel easily to Paris 
• UK - able to travel easily to London or Glasgow 

Benefits