Data Protection & Privacy

Data Protection & Privacy

Data Protection & Privacy

Data Protection & Privacy

Building privacy by design

Building privacy by design

Building privacy by design

End-to-end support for privacy compliance suited to tech and product teams that need realistic, enforceable programs.

End-to-end support for privacy compliance suited to tech and product teams that need realistic, enforceable programs.

End-to-end support for privacy compliance suited to tech and product teams that need realistic, enforceable programs.

End-to-end support for privacy compliance suited to tech and product teams that need realistic, enforceable programs.

You’ll find us working on:

You’ll find us working on:

You’ll find us working on:

You’ll find us working on:

  • Privacy program design scaled to your size and risk: policy templates, roles and responsibilities, and accountability steps you can operationalise in three months

  • Privacy program design scaled to your size and risk: policy templates, roles and responsibilities, and accountability steps you can operationalise in three months

  • Privacy program design scaled to your size and risk: policy templates, roles and responsibilities, and accountability steps you can operationalise in three months

  • Privacy program design scaled to your size and risk: policy templates, roles and responsibilities, and accountability steps you can operationalise in three months

  • Drafting and updating privacy policies, user notices and consent flows so they are legally defensible and user-friendly

  • Drafting and updating privacy policies, user notices and consent flows so they are legally defensible and user-friendly

  • Drafting and updating privacy policies, user notices and consent flows so they are legally defensible and user-friendly

  • Drafting and updating privacy policies, user notices and consent flows so they are legally defensible and user-friendly

  • Data processing agreements, cross-border transfer clauses and guidance on lawful bases under Indian and major international regimes

  • Data processing agreements, cross-border transfer clauses and guidance on lawful bases under Indian and major international regimes

  • Data processing agreements, cross-border transfer clauses and guidance on lawful bases under Indian and major international regimes

  • Data processing agreements, cross-border transfer clauses and guidance on lawful bases under Indian and major international regimes

  • Data protection impact assessments (DPIAs), records of processing (ROPA) tailored to product flows, and binding operational recommendations

  • Data protection impact assessments (DPIAs), records of processing (ROPA) tailored to product flows, and binding operational recommendations

  • Data protection impact assessments (DPIAs), records of processing (ROPA) tailored to product flows, and binding operational recommendations

  • Data protection impact assessments (DPIAs), records of processing (ROPA) tailored to product flows, and binding operational recommendations

  • Vendor diligence and contract redlines focused on sub-processor controls, security expectations and breach notification duties

  • Vendor diligence and contract redlines focused on sub-processor controls, security expectations and breach notification duties

  • Vendor diligence and contract redlines focused on sub-processor controls, security expectations and breach notification duties

  • Vendor diligence and contract redlines focused on sub-processor controls, security expectations and breach notification duties