Service Arms






Our legal services relate to the laws of data privacy, cyber space, Intellectual Property issues as well as documentations and advisory around these laws around the world. Case in point one of our key areas is Legal Advisory and Consultancy in Data Protection. Our services also include litigation services that we typically undertake for our clients in the IP, data protection and privacy space. Our services encompass:


  1. Privacy Contractual Framework

Review of the contractual structure of organizations, within a privacy governance framework, to align local and global data privacy laws.


  1. Vendor Contract Management

Typically, it is important for vendors and their clients to have a balanced framework so that the rights and obligations of each party is not skewed. For this it is important to align and/or build the vendor contract management framework.


  1. Data Privacy Advisory – PDPB/GDPR

Although the specific law dealing with data protection is still to be placed in Parliament, our experience of dealing with their counterpart acts in the global space helps us in advising clients to pre-empt some of the compliance requirements within a larger privacy governance framework.


Advisory on GDPR is another of our service offerings:
From a legal perspective how does one approach data privacy? Compliance headaches plague organizations worldwide and for this you need a constant monitoring of the obligation. Engage with us to get advice.


  1. Legal Framework Assessment

Assessment of the global and local privacy and other related laws affecting the organizational structures and building a comprehensive framework to be used to tackle multi-jurisdictional issues.


  1. Global Privacy & Security Laws Integration

Interpreting and implementing the requirements of Global Data Privacy and Data Security Laws. After assessing the laws, we bring in changes to implement laws, within a larger privacy governance framework, in the organization.


  1. Framing documentation around IP

For IP, stakeholders need to understand legal obligations that the organisation and employees are under in order to comply with them. Be it IP Assignments, licenses, affidavits, structures, we create them to aid our clients so that their intellectual property remains protected.


  1. Data Breach Support Services

Legally, what needs to be done as soon as there is a breach should be an immediate action. From a legal standpoint, We help companies organize them at the zero hour of the crisis, guiding them out of it in order to mitigate future risks.


  1. Drafting Contracts | Agreements | Software License Agreements | MoUs | Corporate Documentation | Franchisee Agreements

Simple to complex contracts and agreements are our forte.


  1. Cookie Management

Cookies management  is becoming very important for organisations. While some of them fall foul of the various laws on privacy such as GDPR and PECR, there is a growing need to deal with them transparently.


  1. Consent Framework

Where consent is used as a tool to process data, we provide the ‘hows’ to do this lawfully. Reach out to us to get this right.


  1. Strategic Management for Data Privacy

Having robust strategic management for the organization is an important initial high-level step to building a data privacy management module for the organization.


  1. Build Privacy Readiness

Mergers, acquisitions, JVs are a complex time in an organization when both the companies in question need to be aware and bring in into their systems processes that will drive compliance to align to the Privacy Governance Framework set. Reach out to us to know more on this service offering.


  1. Data Privacy and Protection in Intellectual Property Assets; Data Protection & IP Asset Management

Advisory on the merger between Data Protection and Intellectual Property Assets in the organization.


  1. Drafting and negotiating privacy related agreements
    GDPR and other laws around the world want organisations to demonstrate compliance. While one must have the various measures internally, what is also needed is for the internal stakeholders to have documented policies, procedures, standards and guidelines which help organisations show compliance. These include:
  • Data Transfer Agreements and Data Processing Agreements;
  • Consent and notice mandates;
  • Documents related to Data Subject Access Rights (DSARS)
  • Documents in relation to Notification to Authorities


  1. Intellectual Property Rights – Prosecution – Patent, Trademark, Designs, and Copyrights | Managing Trade Secret


  1. Building IP Strategy & Audits


Your IP posture is a key ingredient of how you protect yourself against external usurpers. Running an Audit and strategising this are critical therefore to the organization.


  1. Data Privacy & IP enforcement & Litigation


We also help organizations and individuals for their litigation requirements which includes:

  • Cyber Law Infringement
  • Data Protection Litigation
  • Domain Name Infringements
  • Dealing with Brand Name distortion
  • Defamation
  • Violations of Cyber laws



Our belief is that any framework aimed at securing the organization cannot be solved by one line of attack. One has to look at the legal as well as the technological framework, audit, training , awareness and other aspects of the company. Therefore, we conduct detailed audits and assessments sans limitations to any particular area to provide a holistic solution to the issue at hand. This includes:


  1. Conduct Data mapping and create data structures.


To know what you have you need to understand what you have collected. Mapping the data therefore is the first stage in building a privacy program.


  1. Risk Assessment Framework


In the space of GRC, (Governance, Risk and Compliance) risk management is very critical. To test and gauge this you need to do a proper assessment of identifying the risk and analyzing its severity and impact. Have you done this if not reach out to us to get a deeper understanding?


  1. Vendor / Supplier Risk Management


How does the vendor or supplier protect the data that you have shared with them? Do they have proper controls defined? Do they push all liabilities on you? If so reach out to us to do a proper risk assessment with such vendors/suppliers?


  1. Cyber security & data privacy due diligence


Just what is your appetite to risk be it security or privacy? Does the compliance or business take precedence? If so reach out to us to do a proper due diligence to understand risks?


  1. Data Privacy Assessment


Assessment of the privacy posture of an organization is key to its success. Before you pursue to build privacy frameworks/program the basic groundwork needs to be done. We advise on building this. Reach out to us to understand this.


  1. Data Protection Audit, Cyber security, Privacy & Continuity

For any program/project to be truly effective one needs to keep monitoring the same to keep it on track. Audit therefore is a must. Reach out to us to do a detailed audit of your Data Protection Cyber security & Continuity postures.


  1. Privacy Impact Assessment/Data Protection Impact Assessment (GDPR) as a Service

An impact assessment is an important tool to understand where the risk is more pronounced be it for the processes or the organization as a whole. Article 35 DPIA is specifically relevant for any organization falling under the scope of GDPR. Similar provisions are enshrined in the PDPB.


  1. Gap Assessment Analysis for Data Protection, Intellectual Property Rights and Cyber Security

Where you are and where you need to be is an important analysis that one needs to do in order to understand the gaps in the system be it from a point of view of Data Protection, IP or cyber security.


  1. Privacy by Design for processes and applications

PbD is becoming one of the major tools for each or the processes or applications. PbD in layman’s terms is designing privacy to each process, application and product so that the personal information being shared by customers and users are properly protected. How does one deal with AI and Data Protection in this context? Reach out to us to understand this.


  1. DPO as a Service (DPOS)

It is difficult for companies to engage a DPO who will take care of the functions of a Data Protection Officer as mandated by the GDPR or the proposed Indian Law. Reach out to us to help you here.


  1. Building a Privacy Program

Building and creating a program from scratch or refurbishing an existing program is our specialty. Our consultants have experience in guiding and taking the organization to new heights.


  1. Building a Privacy Governance Framework

Creating a framework for how the privacy is to be looked at is something that we can help you with, a structure for managing the personal data in the organization dependent on the law in question.


  1. Data Subject Access Rights (DSARs) and Notification Advisory

Data Subjects or Data principal are the key to the entire discussion on privacy. Their rights need to be protected. As an individual find out what rights you have and how to protect them. As an organization know how to deal with the requests made by individuals as also what are the notification obligations.


  1. Data Breach Management

What happens when there is a breach? Which units’ step into action? What needs to be done immediately and over a period of time? Our experts know this. Reach out to us to aid you in this process.


  1. Data Protection Support Services

Depending on the modules you want us to undertake, we will build you a service bouquet to create a customized solution that works for you. This includes both pre-monitoring and post incident response modules. Reach out to us to get this service.


  1. Cloud Computing Data Protection Advisory and Assessment

Everything these days is finding its way into the cloud, but after all it has a physical attribute. How does one keep a check on the compliance of such players? Reach out to seek our help.


  1. Privacy & Cyber Resilience

Does one monitor risk alone or be preemptive and build resilience in the systems? How does one achieve this? Reach out to our experts to build this in your system.



We believe that there is no one right way to engage with the audience. However, audience engagement is key for compliance to laws and policies of organizations. We, in our workshops and training/awareness sessions believe in this concept. As a result, we bring in different perspectives and methods to engage the trainees. A ‘on the ground’ awareness session from an outside agency often helps the organization to externally validate their compliance drives and enable enforcement.


  1. Official Training Partner for IAPP’s CIPM | CIPP | CIPT

The International Association of Privacy Professionals is the premier organization which is aiding in the creation of privacy professionals worldwide. Excaliburancy is an Official Training Partner of IAPP and helps train resources to obtain these gold standard certifications.


This is a two-day program for any of the above.


  1. Indian Personal Data Protection Bill – How to Prepare for it! Workshop


Though this has yet to be placed before the Parliament, these workshops will enable your organization to get ready for this. We build customized workshops to cater to your requirements.


  1. Merger of Intellectual Property and Data Protection


In this deeply nuanced and mixed up environment, data is the key. How to deal with IP assets and maintaining data protection, security and confidentiality is what our experts train you on. Both basic and detailed modules available.


  1. Building Privacy Program

This workshop is a customized one for organizations who are looking to build their privacy program.


  1. Customized industry specific classroom and online trainings for B2B, B2C, individual trainings, workshops and awareness on Data Protection/ Data Privacy, GDPR, Data Protection Bill, Intellectual Property Rights, Cyber Laws and Cyber Security, Risk and Resilience


  1. Data Protection awareness session for Corporates | Schools & Education Institutions | Individuals | Incubators | Start-ups | SMEs


  1. GDPR awareness | GDPR Law

Again, this is a preliminary awareness session or a detailed training on this law for your stakeholders and management. This is both in the form of an awareness session and a detailed workshop with specific stakeholders.

error: Content is protected !!