What you'd actually do

Apply and evolve best practices for handling company and people datasets, give guidance on data transformations, sanitization, and removal, empower customers as data controllers to ensure compliance with global privacy laws, including GDPR, CCPA/CPRA, and relevant state-specific regulations. Lead privacy impact assessments (PIAs) and data protection impact assessments (DPIAs).

Partner with product managers, engineers, and marketing teams to translate legal requirements into actionable product specifications. Provide real-time advice during high-stakes decisions, such as launching new features involving data processing.

Conduct thorough reviews of product roadmaps and features to identify privacy implications. Advise on lawful bases for data processing, cross-border data transfers, and data subject rights (e.g., access, deletion, opt-out). Develop and implement privacy-by-design principles to embed compliance into product development cycles.

Build and maintain strong relationships with data partners, vendors, and third-party service providers. Evaluate privacy risks in data sharing agreements, perform due diligence on vendor compliance, and negotiate contracts to include robust data protection clauses. Work with the broader compliance and legal teams to ensure regulatory and contractual adherence.

Support incident response for privacy-related issues, including notifications of stakeholders. Design and deliver training programs for internal teams on privacy best practices, fostering a culture of compliance.

About Clay

Our mission is to help organizations turn any growth idea into reality.

We see growth as a creative practice, not a formula. Finding and reaching your best-fit customers takes unique ideas and constant iteration. As AI makes execution faster and tactics easier to copy, creativity is the only lasting advantage. We're already helping thousands of customers — including Anthropic, Notion, Google, and Ramp — go to market with unique data, signals, and AI research.

In 2025, we raised a $100M Series Cbacked by world-class investors including Sequoia, CapitalG, and First Round — and crossed $100M in revenue.

In 2026, we announced our second employee tender offer in 9 months at a new $5B valuation. We also launched a community equity round, for our customers, agency partners, and club members.

Some things to know about us:

Our community includes 11,000+ customers, 150+ integration partners, 125+ agencies, 50+ Clay clubs, and 30k members on Slack.
Our culture_ _is unique inside _and _outside of work. Our team members are also DJs, activists, writers, clowns, marathoners, skydivers, psychedelic therapists, social workers, and more.
All employees can work for free with world-class coaches who specialize in creativity, management, and more.
Our operating principles — including negative maintenance and non-attached action — guide our work. Read more about them here.
Read about us in the NYT, Forbes, First Round Review, and more.

Hear from our employees directly on our Glassdoor page!

Role Summary

As Product Counsel, you will serve as the primary legal advisor on privacy matters related to our products. Your expertise will be crucial in evaluating data processing practices, optimizing compliance strategies, and building strong relationships with data partners. This role requires a blend of legal acumen, strategic thinking, and collaboration with cross-functional teams including product, engineering, sales, and compliance. You will ensure that our innovation goes hand in hand with compliance, so that we can have sustainable growth. This is a significant new role at Clay, providing opportunity for creativity and growth. Your success will strengthen Clay's position as a trusted partner to our customers.

Key Responsibilities

Privacy Risk Assessment in Product Features: Apply and evolve best practices for handling company and people datasets, give guidance on data transformations, sanitization, and removal, empower customers as data controllers to ensure compliance with global privacy laws, including GDPR, CCPA/CPRA, and relevant state-specific regulations. Lead privacy impact assessments (PIAs) and data protection impact assessments (DPIAs).
Cross-Functional Collaboration: Partner with product managers, engineers, and marketing teams to translate legal requirements into actionable product specifications. Provide real-time advice during high-stakes decisions, such as launching new features involving data processing.
Regulatory Compliance: Conduct thorough reviews of product roadmaps and features to identify privacy implications. Advise on lawful bases for data processing, cross-border data transfers, and data subject rights (e.g., access, deletion, opt-out). Develop and implement privacy-by-design principles to embed compliance into product development cycles.
Vendor and Partner Management: Build and maintain strong relationships with data partners, vendors, and third-party service providers. Evaluate privacy risks in data sharing agreements, perform due diligence on vendor compliance, and negotiate contracts to include robust data protection clauses. Work with the broader compliance and legal teams to ensure regulatory and contractual adherence.
Incident Response and Training: Support incident response for privacy-related issues, including notifications of stakeholders. Design and deliver training programs for internal teams on privacy best practices, fostering a culture of compliance.
Policy Development and Advocacy: Draft and update internal privacy policies, terms of service, and data processing agreements. Stay updated on evolving privacy laws and industry standards, advocating for proactive changes to mitigate future risks. Collaborate with external counsel or regulatory bodies as needed.

Qualifications

Education and Experience: Juris Doctor (JD) degree from an accredited law school and active bar membership in at least one U.S. jurisdiction (or equivalent international qualification). Minimum of 5-7 years of experience as a product counsel in a tech or SaaS environment. Experience with outbound marketing or data-driven products is highly desirable.
Technical Knowledge: Deep understanding of privacy frameworks such as GDPR, CCPA, HIPAA (if applicable), and emerging laws like the EU AI Act or state privacy bills. CIPP certification is strongly preferred. Familiarity with data security standards (e.g., ISO 27001, SOC 2) and tools for privacy management (e.g., consent management platforms).
Skills and Attributes:
- Strong analytical skills to evaluate complex risk/reward scenarios in fast-paced product environments.
- Ability to maintain both a high-level strategic overview and a deep immersion in the details of complex projects, providing guidance and incremental milestones.
- Strong cross-team collaboration.
- Excellent negotiation and communication skills for handling vendor relationships and internal stakeholders.
- Ability to thrive in ambiguous situations, with a pragmatic approach to balancing legal risks and business objectives.
- Proficiency in privacy tools and technologies; experience with SaaS platforms (e.g., Salesforce, HubSpot) is a plus.
- High ethical standards and a commitment to user privacy.

About Clay

Our mission is to help organizations turn any growth idea into reality.

In 2025, we raised a $100M Series Cbacked by world-class investors including Sequoia, CapitalG, and First Round — and crossed $100M in revenue.

In 2026, we announced our second employee tender offer in 9 months at a new $5B valuation. We also launched a community equity round, for our customers, agency partners, and club members.

Some things to know about us:

Our community includes 11,000+ customers, 150+ integration partners, 125+ agencies, 50+ Clay clubs, and 30k members on Slack.

Our culture_ _is unique inside _and _outside of work. Our team members are also DJs, activists, writers, clowns, marathoners, skydivers, psychedelic therapists, social workers, and more.

All employees can work for free with world-class coaches who specialize in creativity, management, and more.

Our operating principles — including negative maintenance and non-attached action — guide our work. Read more about them here.

Read about us in the NYT, Forbes, First Round Review, and more.

Hear from our employees directly on our Glassdoor page!

Role Summary

Key Responsibilities

Privacy Risk Assessment in Product Features: Apply and evolve best practices for handling company and people datasets, give guidance on data transformations, sanitization, and removal, empower customers as data controllers to ensure compliance with global privacy laws, including GDPR, CCPA/CPRA, and relevant state-specific regulations. Lead privacy impact assessments (PIAs) and data protection impact assessments (DPIAs).

Cross-Functional Collaboration: Partner with product managers, engineers, and marketing teams to translate legal requirements into actionable product specifications. Provide real-time advice during high-stakes decisions, such as launching new features involving data processing.

Regulatory Compliance: Conduct thorough reviews of product roadmaps and features to identify privacy implications. Advise on lawful bases for data processing, cross-border data transfers, and data subject rights (e.g., access, deletion, opt-out). Develop and implement privacy-by-design principles to embed compliance into product development cycles.

Vendor and Partner Management: Build and maintain strong relationships with data partners, vendors, and third-party service providers. Evaluate privacy risks in data sharing agreements, perform due diligence on vendor compliance, and negotiate contracts to include robust data protection clauses. Work with the broader compliance and legal teams to ensure regulatory and contractual adherence.

Incident Response and Training: Support incident response for privacy-related issues, including notifications of stakeholders. Design and deliver training programs for internal teams on privacy best practices, fostering a culture of compliance.

Policy Development and Advocacy: Draft and update internal privacy policies, terms of service, and data processing agreements. Stay updated on evolving privacy laws and industry standards, advocating for proactive changes to mitigate future risks. Collaborate with external counsel or regulatory bodies as needed.

Qualifications

Education and Experience: Juris Doctor (JD) degree from an accredited law school and active bar membership in at least one U.S. jurisdiction (or equivalent international qualification). Minimum of 5-7 years of experience as a product counsel in a tech or SaaS environment. Experience with outbound marketing or data-driven products is highly desirable.

Technical Knowledge: Deep understanding of privacy frameworks such as GDPR, CCPA, HIPAA (if applicable), and emerging laws like the EU AI Act or state privacy bills. CIPP certification is strongly preferred. Familiarity with data security standards (e.g., ISO 27001, SOC 2) and tools for privacy management (e.g., consent management platforms).

Skills and Attributes:

Strong analytical skills to evaluate complex risk/reward scenarios in fast-paced product environments.
Ability to maintain both a high-level strategic overview and a deep immersion in the details of complex projects, providing guidance and incremental milestones.
Strong cross-team collaboration.
Excellent negotiation and communication skills for handling vendor relationships and internal stakeholders.
Ability to thrive in ambiguous situations, with a pragmatic approach to balancing legal risks and business objectives.
Proficiency in privacy tools and technologies; experience with SaaS platforms (e.g., Salesforce, HubSpot) is a plus.
High ethical standards and a commitment to user privacy.

Product Counsel

What you'd actually do

Skills

Required

What the JD emphasized

About Clay

Role Summary

Key Responsibilities

Qualifications

About Clay

Role Summary

Key Responsibilities

Qualifications