This course is recognized by the National Skill Development Corporation, a PPP under the Ministry of Skill Development and Entrepreneurship of the Government of India. You will receive a certificate cobranded by NSDC and Skill India on successful completion.
Who should take this course?
- Professionals who want to shift from traditional areas of work to data protection and privacy laws and work with fast-growing startups, MNCs or in the privacy teams of companies
- Professionals who want to assist their organisations in addressing data protection and privacy work at a global level
- Professionals who want to assist their clients on the side with data protection and privacy work
- Law students who are interested in building a career in data protection and privacy compliance - starting early will give you a headstart as this space is specialised and you will have a massive advantage in securing career opportunities if you are trained
- Law students who are interested in building a career in data privacy laws, working in the privacy practice of law firms or in the data protection and privacy teams of companies
- HR Professionals who want to assist their organisations in storing and processing employee data, covered by data protection legislations.
- Commerce students working in operations, sales, marketing etc.
- IT professionals who want to help their organisation with data protection and privacy work etc.
- Young lawyers who want to shift from traditional areas of legal practice to data protection and privacy laws and work with fast-growing startups, law firms or in the privacy teams of companies
- Chartered Accountants and Company Secretaries who want to provide unique and high-value services to their clients, especially related to technology
- In-house counsels who want to assist their organisations in addressing data protection and privacy work at a global level
What will you learn from this course?
- You will learn about how to identify applicability of Indian data protection and privacy laws and advise clients/or your company with implementation
- You will learn how to handle data breaches and incidents
- You will learn how to work on domestic and cross-border third-party data transfers
- You will learn about how to review agreements with different parties to ensure compliance with data protection and privacy laws;
- You will learn how to collaborate with other teams, perform create compliance programs, processes, audits, develop policies, and inform regulators
Online 24/7 access
Access to basic study material through an online learning management system, Android and iOS app
Hard Copy Study Material
Hard copy study material modules to be couriered to your address
Mock tests and Practice MCQs
You will be provided 10 mock tests of 25 questions each, for each certification. In total, you will attempt about 250 questions easily before you attempt the Lead Auditor/ Lead Implementer exam for each certification.
Live Online Classes to Teach Paralegal Assignments Specific Work
There will be a live video-based online class to teach you specific US contract drafting work performed by paralegals. You can ask questions, share your screen, get personal feedback in this class. Every week there will be approx. 1-1.5 hours of class to teach you the work and give you feedback. There will be recordings available in case you miss a class.
Convenient Class timings
Classes are held after regular work hours. Typically classes are kept on Sunday afternoon or 8-9 pm on other days.
Live Doubt Clearing
You can ask questions in class, or on the learning management system when you read a chapter. You can also schedule a one-on-one session with evaluators to perform exercises or write articles
If you take this course, follow it diligently for a month, do all the exercises but still do not find value in it, or not able to understand or follow it or not find it good for any reason, we will refund the entire course fee to you. It is a 100% money-back guarantee with only one condition, you must pursue it properly for a month. If you don’t find it valuable after that, get your entire money back.
Client Opportunities & Recruitment Support where required
- Many employers, MNC’s, law firms and other companies are happy to recruit our high performing students. If you do well in your exercises and classes, we can help you to get jobs, internships and assessment internships in good companies, with renowned professionals.
- Our team helps our students in building their profile on LinkedIn and freelancing platforms to increase their reach to the potential recruiters or clients.
- Our experts guide the students on how to crack any interview.
- On-demand, we provide mock interviews for our students looking for jobs.
- We share multiple internship/recruitment opportunities every week on our Whatsapp group.
- We help our students to get internships not only at MNCs, law firms and chambers, but also with rising startups in diverse sectors.
- Our mentorship helps students to avoid running in the rat race behind the regular job openings; rather we help them design their own path based on their personal interests.
- We share multiple and diverse client opportunities with our pool of professionals and practising advocates on a daily basis. Our references have helped several advocates really scale up their practice. .
How to determine applicability of Indian data protection and privacy compliance
How and when to validly claim exemptions from Indian data protection laws
How to identify business contact information
How to determine the role of your client/employer - Processor/Sub-processor or Controller, Significant Data Fiduciaries or a combination of the above roles
How the client/employer role influences implementation obligations and liabilities
What to do if your client/employer plays multiple roles in different scenarios
Which organisations need to appoint a DPO
Consequences of material non-compliance
How to create a roadmap for organisational implementation
How to get started and initiate/lead implementation for your client/employer
Crucial tasks and checklists for implementation
Treatment of past processing activities
Appointment of privacy counsels, DPOs, internal grievance redressal mechanisms
How conduct a data protection impact assessment, analyse key risks in a DPIA report and create a roadmap for implementation
Alignment of stakeholders from marketing, sales, HR, ops and finance
Establishment of department-wise processes and SOPs
How to conduct data audits
Conducting department-wise Trainings
Drafting and advisory work
Drafting Policies and Notices
Identification of grounds for processing data - consent and legitimate uses
How to validly invoke these grounds in data implementation
Key elements of a privacy notice and how to draft one
How to customise privacy notices and cookie policies for SAAS, e-commerce, fintech, BFSI and AI
Sample templates of privacy notices and cookie policies
How to create data breach policies
How to create asset policies and BYOD policies
How to create Acceptable Use Policies
How to create data retention policies and schedules
How to conduct a DPIA
How to identify if DPIA is required
Identifying key POCs for a DPIA
How to create a record of processing activities
How to create a data flow map
How to scrutinise data security measures
How to assist the business teams to fill the DPIA
Sample templates of DPIA
Identifying the legal and risk treatment controls
Understanding and mitigating the issues highlighted in DPIA
How to create a grievance redressal mechanism
Understanding the obligations of Significant Data Fiduciaries to create grievance redressal mechanism
How to establish a competent grievance redressal mechanism
How to implement the right to “grievance redressal” in any organisation
What are the timelines to respond to any grievance and how to design a process to handle them?
Requirements for third party data transfers and cross-border data transfers
Identifying restrictions on cross-border transfers through sectoral laws and regulations
How to ensure rights mentioned under Indian law in cross-border transfers
How to analyse the risk associated with any cross-border transfer
Contractual clauses necessary for valid third-party transfers
How to keep a track of the blacklisted countries by the government
How to lead/review department-wise trainings as a data protection lawyer/privacy counsel
How to conduct an awareness or training session for different departments
Identification of data processed by the relevant department
Drill-down into user access rights and admin controls
Mapping specific restrictions on processing, sharing internally, with external agencies and deletion
Training, refreshers and certification
Relevant provisions for administration of data privacy trainings:
Data Protection Regulations
Identifying and Handling Sensitive Data
Social Engineering Awareness
Understanding the Best Practices in Data Privacy and Security
How to evaluate the effectiveness of the awareness or training sessions
How to handle Data Principal Rights
Understanding Rights of Data Principals
Right to correction and erasure of data
Right to nominate
Right to access
Right to withdraw consent and data deletion rights
Right to grievance redressal
How to implement a secure deletion process that allows users to permanently remove their data upon request.
How to maintain a directory of individuals who have exercised the right to nomination
How to collaborate on a self-service portal where users can view and download their data
Implementation of popular tools
How to implement data deletion rights across the company
How to enable and provide a mechanism to register grievances
How to liaise with team members in case of Data Access Requests
Incident response and how to handle data breaches
Obligations in case of an incident or a data breach
How to develop detailed policies and procedures for incident identification, reporting, and response
How to identify key roles and responsibilities in a data breach team
How to perform pre-emptive risk assessments to identify critical assets, potential threats, and vulnerabilities
How to prepare a public statement and communicate with customers, partners, and regulators
Powers of Government, Investigative Agencies and Regulatory Authorities For Interception and Disclosure
Statutory provisions and circumstances which require disclosure of personal information: tax laws, anti money-laundering laws, SEBI and RBI Regulations, Delhi Special Police Establishments Act, state
Powers of government, investigative agencies and data protection board to intercept or require disclosure and procedural requirements
How to handle requests for disclosure from such agencies and how to verify whether the disclosure rules are validly invoked by government agencies
What to do if government/investigative agencies exercise powers in violation of procedures
Consequences of wrongful disclosure to government agencies
Dispute resolution, penalties and proceedings before Data Protection Board
How to initiate complaints for a client
How to defend your client/organisation before the Data Protection Board
Administrative process for adjudication
Appellate process before TDSAT
Scope of writs and SLPs before and after decisions of Data Protection Board/TDSAT
incl. of all charges
Printed study material (by courier)
2 online live class/ week (48 weeks)
2 practical per week (48 weeks)
2 practical exercises per week
Get digital access to entire study material
Access on LMS, Android & iOS app
Instructor feedback on assignments
Doubt clearing on LMS & classes
Instructor led course with online live classes
Online exams (give exams as per your convenience on given time slots)
Certificate (by courier)
Access to updated content online for 3 years
Doubt clearing within 24 hours