calender icon


money icon Duration - 6 Month, 8 hrs
calender icon Course fee: - INR 51000

This course is recognized by the National Skill Development Corporation, a PPP under the Ministry of Skill Development and Entrepreneurship of the Government of India. You will receive a certificate cobranded by NSDC and Skill India on successful completion.

Who should take this course?

  • Professionals who want to shift from traditional areas of work to data protection and privacy laws and work with fast-growing startups, MNCs or in the privacy teams of companies  
  • Professionals who want to assist their organisations in addressing data protection and privacy work at a global level 
  • Professionals who want to assist their clients on the side with data protection and privacy work 
  • Law students who are interested in building a career in data protection and privacy compliance - starting early will give you a headstart as this space is specialised and you will have a massive advantage in securing career opportunities if you are trained  
  • Law students who are interested in building a career in data privacy laws, working in the privacy practice of law firms or in the data protection and privacy teams of companies
  • HR Professionals who want to assist their organisations in storing and processing employee data, covered by data protection legislations.
  • Commerce students working in operations, sales, marketing etc.
  • IT professionals who want to help their organisation with data protection and privacy work etc.
  • Young lawyers who want to shift from traditional areas of legal practice to data protection and privacy laws and work with fast-growing startups, law firms or in the privacy teams of companies  
  • Chartered Accountants and Company Secretaries who want to provide unique and high-value services to their clients, especially related to technology 
  • In-house counsels who want to assist their organisations in addressing data protection and privacy work at a global level

What will you learn from this course?

  • You will learn about how to identify applicability of Indian data protection and privacy laws and advise clients/or your company with implementation 
  • You will learn how to handle data breaches and incidents
  • You will learn how to work on domestic and cross-border third-party data transfers
  • You will learn about how to review agreements with different parties to ensure compliance with data protection and privacy laws;
  • You will learn how to collaborate with other teams, perform create compliance programs, processes, audits, develop policies, and inform regulators

Training Methodology

Online 24/7 access

Access to basic study material through an online learning management system, Android and iOS app

Hard Copy Study Material

Hard copy study material modules to be couriered to your address

Mock tests and Practice MCQs

You will be provided 10 mock tests of 25 questions each, for each certification. In total, you will attempt about 250 questions easily before you attempt the Lead Auditor/ Lead Implementer exam for each certification.

Live Online Classes to Teach Paralegal Assignments Specific Work

There will be a live video-based online class to teach you specific US contract drafting work performed by paralegals. You can ask questions, share your screen, get personal feedback in this class. Every week there will be approx. 1-1.5 hours of class to teach you the work and give you feedback. There will be recordings available in case you miss a class.

Convenient Class timings

Classes are held after regular work hours. Typically classes are kept on Sunday afternoon or 8-9 pm on other days.

Live Doubt Clearing

You can ask questions in class, or on the learning management system when you read a chapter. You can also schedule a one-on-one session with evaluators to perform exercises or write articles

Money-back guarantee

If you take this course, follow it diligently for a month, do all the exercises but still do not find value in it, or not able to understand or follow it or not find it good for any reason, we will refund the entire course fee to you. It is a 100% money-back guarantee with only one condition, you must pursue it properly for a month. If you don’t find it valuable after that, get your entire money back.

Client Opportunities & Recruitment Support where required

  • Many employers, MNC’s, law firms and other companies are happy to recruit our high performing students. If you do well in your exercises and classes, we can help you to get jobs, internships and assessment internships in good companies, with renowned professionals.
  • Our team helps our students in building their profile on LinkedIn and freelancing platforms to increase their reach to the potential recruiters or clients.
  • Our experts guide the students on how to crack any interview.
  • On-demand, we provide mock interviews for our students looking for jobs.
  • We share multiple internship/recruitment opportunities every week on our Whatsapp group.
  • We help our students to get internships not only at MNCs, law firms and chambers, but also with rising startups in diverse sectors.
  • Our mentorship helps students to avoid running in the rat race behind the regular job openings; rather we help them design their own path based on their personal interests.
  • We share multiple and diverse client opportunities with our pool of professionals and practising advocates on  a daily basis. Our references have helped several advocates really scale up their practice. .


How to determine applicability of Indian data protection and privacy compliance

ringIcon How and when to validly claim exemptions from Indian data protection laws

ringIcon How to identify business contact information

ringIcon How to determine the role of your client/employer - Processor/Sub-processor or Controller, Significant Data Fiduciaries or a combination of the above roles

ringIcon How the client/employer role influences implementation obligations and liabilities

ringIcon What to do if your client/employer plays multiple roles in different scenarios

ringIcon Which organisations need to appoint a DPO

ringIcon Consequences of material non-compliance

How to create a roadmap for organisational implementation

ringIcon How to get started and initiate/lead implementation for your client/employer

ringIcon Crucial tasks and checklists for implementation

ringIcon Treatment of past processing activities

ringIcon Appointment of privacy counsels, DPOs, internal grievance redressal mechanisms

ringIcon How conduct a data protection impact assessment, analyse key risks in a DPIA report and create a roadmap for implementation

ringIcon Alignment of stakeholders from marketing, sales, HR, ops and finance

ringIcon Establishment of department-wise processes and SOPs

ringIcon How to conduct data audits

ringIcon Conducting department-wise Trainings

ringIcon Drafting and advisory work

Drafting Policies and Notices

ringIcon Identification of grounds for processing data - consent and legitimate uses

ringIcon How to validly invoke these grounds in data implementation

ringIcon Key elements of a privacy notice and how to draft one

ringIcon How to create a cookie policy

ringIcon How to customise privacy notices and cookie policies for SAAS, e-commerce, fintech, BFSI and AI

ringIcon Sample templates of privacy notices and cookie policies

ringIcon How to create an internal privacy policy for implementation of privacy laws

ringIcon How to create data breach policies

ringIcon How to create asset policies and BYOD policies

ringIcon How to create Acceptable Use Policies

ringIcon How to create data retention policies and schedules

How to conduct a DPIA

ringIcon How to identify if DPIA is required

ringIcon Identifying key POCs for a DPIA

ringIcon How to create a record of processing activities

ringIcon How to create a data flow map

ringIcon How to scrutinise data security measures

ringIcon How to assist the business teams to fill the DPIA

ringIcon Sample templates of DPIA

ringIcon Identifying the legal and risk treatment controls

ringIcon Understanding and mitigating the issues highlighted in DPIA

How to create a grievance redressal mechanism

ringIcon Understanding the obligations of Significant Data Fiduciaries to create grievance redressal mechanism

ringIcon How to establish a competent grievance redressal mechanism

ringIcon How to implement the right to “grievance redressal” in any organisation

ringIcon What are the timelines to respond to any grievance and how to design a process to handle them?

Requirements for third party data transfers and cross-border data transfers

ringIcon Identifying restrictions on cross-border transfers through sectoral laws and regulations

ringIcon How to ensure rights mentioned under Indian law in cross-border transfers

ringIcon How to analyse the risk associated with any cross-border transfer

ringIcon Contractual clauses necessary for valid third-party transfers

ringIcon How to keep a track of the blacklisted countries by the government

How to lead/review department-wise trainings as a data protection lawyer/privacy counsel

ringIcon How to conduct an awareness or training session for different departments

Identification of data processed by the relevant department

Drill-down into user access rights and admin controls

Mapping specific restrictions on processing, sharing internally, with external agencies and deletion

Department-specific examples

Training, refreshers and certification

ringIcon Relevant provisions for administration of data privacy trainings:

Data Protection Regulations

Identifying and Handling Sensitive Data

Social Engineering Awareness

Understanding the Best Practices in Data Privacy and Security

ringIcon How to evaluate the effectiveness of the awareness or training sessions

How to handle Data Principal Rights

ringIcon Understanding Rights of Data Principals

Right to correction and erasure of data

Right to nominate

Right to access

Right to withdraw consent and data deletion rights

Right to grievance redressal

ringIcon How to implement a secure deletion process that allows users to permanently remove their data upon request.

ringIcon How to maintain a directory of individuals who have exercised the right to nomination

ringIcon How to collaborate on a self-service portal where users can view and download their data

ringIcon Implementation of popular tools

ringIcon How to implement data deletion rights across the company

ringIcon How to enable and provide a mechanism to register grievances

ringIcon How to liaise with team members in case of Data Access Requests

Incident response and how to handle data breaches

ringIcon Obligations in case of an incident or a data breach

ringIcon How to develop detailed policies and procedures for incident identification, reporting, and response

ringIcon How to identify key roles and responsibilities in a data breach team

ringIcon How to perform pre-emptive risk assessments to identify critical assets, potential threats, and vulnerabilities

ringIcon How to prepare a public statement and communicate with customers, partners, and regulators

Powers of Government, Investigative Agencies and Regulatory Authorities For Interception and Disclosure

ringIcon Statutory provisions and circumstances which require disclosure of personal information: tax laws, anti money-laundering laws, SEBI and RBI Regulations, Delhi Special Police Establishments Act, state

ringIcon Powers of government, investigative agencies and data protection board to intercept or require disclosure and procedural requirements

ringIcon How to handle requests for disclosure from such agencies and how to verify whether the disclosure rules are validly invoked by government agencies

ringIcon What to do if government/investigative agencies exercise powers in violation of procedures

ringIcon Consequences of wrongful disclosure to government agencies

Dispute resolution, penalties and proceedings before Data Protection Board

ringIcon How to initiate complaints for a client

ringIcon How to defend your client/organisation before the Data Protection Board

ringIcon Administrative process for adjudication

ringIcon Appellate process before TDSAT

ringIcon Scope of writs and SLPs before and after decisions of Data Protection Board/TDSAT

Course Plan


RS. 51000

incl. of all charges

Printed study material (by courier)

2 online live class/ week (48 weeks)

 2 practical per week (48 weeks)

2 practical exercises per week 

Get digital access to entire study material

Access on LMS, Android & iOS app

Instructor feedback on assignments

Doubt clearing on LMS & classes

Instructor led course with online live classes

Online exams (give exams as per your convenience on given time slots)

Certificate (by courier)

Access to updated content online for 3 years

Doubt clearing within 24 hours