Cross border data transfer- An Overview of Adequacy Decision, SCC and BCR

Introduction Data is now termed as a highly valuable asset which used for business expansions plans globally. With the technology driven world and high delivery speed big data is transferred internationally without boundaries just in fraction of seconds. However, these cross-border data transfers/ flows are regulated. As of now approx. 110+ countries have enforced dataContinue reading “Cross border data transfer- An Overview of Adequacy Decision, SCC and BCR”

Anonymisation and Pseudonymisation – Overview and Legal Regime

What is Anonymisation? The Joint Parliamentary Committee in its report on the Indian Data Protection Bill, 2021 (“DP Bill”) recently included anonymized data within the purview of the bill. The DP Bill defines anonymization in relation to personal data as: “Such irreversible process of transforming or converting personal data to a form in which aContinue reading “Anonymisation and Pseudonymisation – Overview and Legal Regime”

Consent under the data protection regime

Introduction Consent is a form of expressed and immediate acceptance of the terms by the user. Consent provides validity and is binding under certain legal regimes. Data protection laws like the GDPR, CCPA, LGPD, PIPEDA etc recognises consent as a legal basis for processing personal data. It is a highly used best practice by organisationsContinue reading “Consent under the data protection regime”

What is a Data Subject Access Request (DSAR/SAR)?

A Data Subject Access Request (DSAR) or Subject Access Request (SAR) is a form of a right provided to a data subject to exercise. They can request to know what personal data an organisation or a data controller holds on them, how it is processed, with whom the data is shared and the period forContinue reading “What is a Data Subject Access Request (DSAR/SAR)?”