Skip to main content
Data Privacy & Security

Innovation in data privacy and security products

Our Data Privacy Practice was identified as a key sub-area within our overall corporate practice, over a decade ago.   Our Data Team closely monitors the evolving data privacy and security landscape in India, and   consistently advises multinational clients across a broad spectrum of data related matters.

We regularly undertake data-related due diligence exercises for corporate transactions and have advised on innovative structures seeking to monetise data (most recently, by using data lakes as security for financings).  As the overlap between data and anti-trust issues continues to increase, our Data and Competition Teams collaborate closely to ensure that we provide expert multi-dimensional advice to our clients.

Our Data and Privacy Law experience includes matters  that range from advising on Indian personal data compliance requirements (including on how such requirements are likely to change as and when new legislation is finally put in place, and how the Indian framework interacts with other data regimes such as GDPR, especially in light of Schrems II), to dealing with the Indian aspects of global data breaches (where we are often required to make notifications and respond to authorities within extremely compressed timeframes).

Our team addresses a wide range of data related issues for multinational clients across several sectors.

Representative transactions

  • A leading German automotive manufacturer, advising on data privacy and other regulatory aspects relating to the proposed rollout of certain automotive products / features in India.
  • A US headquartered alternative asset management company, advising in relation to a financing where “data lakes” held by the borrower group are proposed to be used as security.
  • A genomics data platform and applications company, advising on data privacy and protection compliances with respect to the consent forms obtained for undertaking biomedical research projects involving Indian participants.
  • An American multinational financial services corporation, advising on the data privacy aspects of utilising call centre recordings for developing quality control software.
  • An American multinational manufacturer of processed foods, advising in relation to information security practices and reporting of cyber incidents in India.
  • An American radiation oncology treatments and software provider, advising on data privacy requirements in relation to the proposed launch of a medical solutions product in India.
  • A Dutch semiconductor manufacturer, advising in relation to the regulatory framework governing ransomware attacks in India.
  • A leading German automotive manufacturer, advising on surveillance laws in India against the backdrop of Schrems II.
  • A leading multinational fashion retailer, advising on data privacy and other regulatory aspects with respect to the setting up of their website in India and for their marketing and sales-related activities.
  • Advising on data breaches impacting Indian users (including notifying and liaising with the relevant authorities, as appropriate), including for a leading global hospitality company, a leading global auto-parts company, a leading provider of co-working spaces and a global manufacturer of construction materials.
  • Advising in relation to data privacy compliance requirements in India, including for leading social media and e-commerce platforms, a leading American multinational conglomerate operating in healthcare and consumer goods and an American manufacturer of home furnishings.