Our legal services relate to the laws of data privacy, cyber space, Intellectual Property issues as well as documentations and advisory around these laws around the world. Case in point one of our key areas is Legal Advisory and Consultancy in Data Protection. Our services also include litigation services that we typically undertake for our clients in the IP, data protection and privacy space. Our services encompass:
Review of the contractual structure of organizations, within a privacy governance framework, to align local and global data privacy laws.
Typically, it is important for vendors and their clients to have a balanced framework so that the rights and obligations of each party is not skewed. For this it is important to align and/or build the vendor contract management framework.
Although the specific law dealing with data protection is still to be placed in Parliament, our experience of dealing with their counterpart acts in the global space helps us in advising clients to pre-empt some of the compliance requirements within a larger privacy governance framework.
Advisory on GDPR is another of our service offerings:
From a legal perspective how does one approach data privacy? Compliance headaches plague organizations worldwide and for this you need a constant monitoring of the obligation. Engage with us to get advice.
Assessment of the global and local privacy and other related laws affecting the organizational structures and building a comprehensive framework to be used to tackle multi-jurisdictional issues.
Interpreting and implementing the requirements of Global Data Privacy and Data Security Laws. After assessing the laws, we bring in changes to implement laws, within a larger privacy governance framework, in the organization.
For IP, stakeholders need to understand legal obligations that the organisation and employees are under in order to comply with them. Be it IP Assignments, licenses, affidavits, structures, we create them to aid our clients so that their intellectual property remains protected.
Legally, what needs to be done as soon as there is a breach should be an immediate action. From a legal standpoint, We help companies organize them at the zero hour of the crisis, guiding them out of it in order to mitigate future risks.
Simple to complex contracts and agreements are our forte.
Cookies management is becoming very important for organisations. While some of them fall foul of the various laws on privacy such as GDPR and PECR, there is a growing need to deal with them transparently.
Where consent is used as a tool to process data, we provide the ‘hows’ to do this lawfully. Reach out to us to get this right.
Having robust strategic management for the organization is an important initial high-level step to building a data privacy management module for the organization.
Mergers, acquisitions, JVs are a complex time in an organization when both the companies in question need to be aware and bring in into their systems processes that will drive compliance to align to the Privacy Governance Framework set. Reach out to us to know more on this service offering.
Advisory on the merger between Data Protection and Intellectual Property Assets in the organization.
Your IP posture is a key ingredient of how you protect yourself against external usurpers. Running an Audit and strategising this are critical therefore to the organization.
We also help organizations and individuals for their litigation requirements which includes:
Our belief is that any framework aimed at securing the organization cannot be solved by one line of attack. One has to look at the legal as well as the technological framework, audit, training , awareness and other aspects of the company. Therefore, we conduct detailed audits and assessments sans limitations to any particular area to provide a holistic solution to the issue at hand. This includes:
To know what you have you need to understand what you have collected. Mapping the data therefore is the first stage in building a privacy program.
In the space of GRC, (Governance, Risk and Compliance) risk management is very critical. To test and gauge this you need to do a proper assessment of identifying the risk and analyzing its severity and impact. Have you done this if not reach out to us to get a deeper understanding?
How does the vendor or supplier protect the data that you have shared with them? Do they have proper controls defined? Do they push all liabilities on you? If so reach out to us to do a proper risk assessment with such vendors/suppliers?
Just what is your appetite to risk be it security or privacy? Does the compliance or business take precedence? If so reach out to us to do a proper due diligence to understand risks?
Assessment of the privacy posture of an organization is key to its success. Before you pursue to build privacy frameworks/program the basic groundwork needs to be done. We advise on building this. Reach out to us to understand this.
For any program/project to be truly effective one needs to keep monitoring the same to keep it on track. Audit therefore is a must. Reach out to us to do a detailed audit of your Data Protection Cyber security & Continuity postures.
An impact assessment is an important tool to understand where the risk is more pronounced be it for the processes or the organization as a whole. Article 35 DPIA is specifically relevant for any organization falling under the scope of GDPR. Similar provisions are enshrined in the PDPB.
Where you are and where you need to be is an important analysis that one needs to do in order to understand the gaps in the system be it from a point of view of Data Protection, IP or cyber security.
PbD is becoming one of the major tools for each or the processes or applications. PbD in layman’s terms is designing privacy to each process, application and product so that the personal information being shared by customers and users are properly protected. How does one deal with AI and Data Protection in this context? Reach out to us to understand this.
It is difficult for companies to engage a DPO who will take care of the functions of a Data Protection Officer as mandated by the GDPR or the proposed Indian Law. Reach out to us to help you here.
Building and creating a program from scratch or refurbishing an existing program is our specialty. Our consultants have experience in guiding and taking the organization to new heights.
Creating a framework for how the privacy is to be looked at is something that we can help you with, a structure for managing the personal data in the organization dependent on the law in question.
Data Subjects or Data principal are the key to the entire discussion on privacy. Their rights need to be protected. As an individual find out what rights you have and how to protect them. As an organization know how to deal with the requests made by individuals as also what are the notification obligations.
What happens when there is a breach? Which units’ step into action? What needs to be done immediately and over a period of time? Our experts know this. Reach out to us to aid you in this process.
Depending on the modules you want us to undertake, we will build you a service bouquet to create a customized solution that works for you. This includes both pre-monitoring and post incident response modules. Reach out to us to get this service.
Everything these days is finding its way into the cloud, but after all it has a physical attribute. How does one keep a check on the compliance of such players? Reach out to seek our help.
Does one monitor risk alone or be preemptive and build resilience in the systems? How does one achieve this? Reach out to our experts to build this in your system.
We believe that there is no one right way to engage with the audience. However, audience engagement is key for compliance to laws and policies of organizations. We, in our workshops and training/awareness sessions believe in this concept. As a result, we bring in different perspectives and methods to engage the trainees. A ‘on the ground’ awareness session from an outside agency often helps the organization to externally validate their compliance drives and enable enforcement.
The International Association of Privacy Professionals is the premier organization which is aiding in the creation of privacy professionals worldwide. Excaliburancy is an Official Training Partner of IAPP and helps train resources to obtain these gold standard certifications.
This is a two-day program for any of the above.
Though this has yet to be placed before the Parliament, these workshops will enable your organization to get ready for this. We build customized workshops to cater to your requirements.
In this deeply nuanced and mixed up environment, data is the key. How to deal with IP assets and maintaining data protection, security and confidentiality is what our experts train you on. Both basic and detailed modules available.
This workshop is a customized one for organizations who are looking to build their privacy program.
Again, this is a preliminary awareness session or a detailed training on this law for your stakeholders and management. This is both in the form of an awareness session and a detailed workshop with specific stakeholders.