Legal Officer & Data Protection Officer

About Calo (more here)

Calo is an app providing personalized meal plans for busy people through nutritional algorithms built with love by chefs nutritionists and software engineers.

Launched in Bahrain in 2019 we have since expanded to 7 countries delivered millions of meals to our customers and are now expanding our mission of making healthy easy to retail and other verticals.

Were on a noble mission to make healthy easy. We think this is one of the most important problems to tackle in our world today. We have global ambitions - no small thinking here.

Why This Role Matters

We are looking for a Legal Officer & Data Protection Officer to support our Legal Department in overseeing the legal aspects of the business with a strong focus on data protection and regulatory compliance. As data protection risks and enforcement continue to increase and as AI-related regulations evolve you will ensure the company remains fully compliant across all countries in which we operate. This role involves working closely with Product and Engineering along with all other day-to-day legal tasks to embed compliance into our systems including defining what data we collect how it can be used or shared and where explicit consumer consent is required. You will advise on lawful data handling practices safeguard the companys reputation and minimize legal and regulatory exposure in an increasingly complex data and AI landscape.

What Youll Do

• Support executives with accurate timely legal advice across labor law partnerships international ventures and corporate finance with a primary focus on data protection and privacy compliance

• Monitor data protection and privacy laws on a weekly basis across all jurisdictions we operate in; assess regulatory changes and ensure required updates are implemented promptly

• Work closely with Engineering and Product to ensure compliance is built into the website and mobile app including bi-weekly compliance checks to verify consent mechanisms data collection practices and disclosures

• Define and control data-protection processes identifying gaps where reporting or controls are insufficient and driving remediation

• Advise on consumer consent requirements including what data requires explicit consent what can be collected or shared and applicable retention periods

• Assist with defining and maintaining internal governance and data-protection policies

• Collaborate with Legal Counsel and management to proactively identify legal risks and devise effective mitigation and defense strategies

• Research assess and evaluate legal and regulatory risk factors impacting business operations with particular attention to data protection and emerging AI regulations

• Draft review and negotiate contracts and legal documents ensuring data-protection obligations are properly addressed; work in both Arabic and English

• Manage complex legal matters involving multiple stakeholders ensuring alignment with regulatory and privacy requirements

• Provide clear explanations of legal and data-protection requirements to teams across the organization

• Conduct periodic compliance testing during slower operational periods to validate adherence to data-protection regulations

• Maintain up-to-date knowledge of legislative changes and ensure company records are accurate complete and properly filed

• Perform all duties with integrity accountability and a strong sense of ownership over compliance outcomes

What Were Looking For

Qualifications

• Bachelors degree in Law with one to two years of relevant work experience preferably in a startup

Knowledge and competency

• 3-4 years of experience working with technology data laws and data protection regulations; hands-on internal implementation of data-protection frameworks is a strong plus

• Proven experience in ensuring policies are implemented correctly across the business

• Must have experience in contract drafting reviewing and negotiation including commercial terms

• Must have experience with contracts and trademarks with a strong background in commercial law

• Must have experience navigating GCC and UK data protection laws (e.g. PDPL GDPR alignment concepts)

• Excellent knowledge and understanding of corporate law procedures and governance structures

• Strong awareness of how external regulatory commercial and market forces impact corporate decision-making

• Ability to analyze complex legal regulatory and business scenarios

• Ability to be a self-starter who handles conflict constructively and takes ownership to get work done with minimal supervision

• Fluent in written and spoken Arabic and English

• Strong research drafting and documentation skills with attention to detail and follow-through

• Ability to operate independently in a fast-paced evolving environment

Who You Are

• Strong communicator

• High degree of professional ethics and integrity

• Pleasant personality

The Hiring Journey

• Screening

• Technical Interview

• Culture Fit Interview

• Offer stage

Ready to Join

If this role excites you and you see yourself matching at least 85% of the criteria above what are you waiting for Yalla lets gooo!