Jan 2026 – Present · 3 mos

Oct 2023 – Apr 2026 · 2 yrs 6 mos · Bangalore Urban · Hybrid

• Develop and implement the company's data protection and privacy policies in line with applicable laws and regulations, such as GDPR, CCPA, or other regional data protection laws.
• Monitor and assess the company's data processing activities, ensuring compliance with data protection policies and procedures.
• Conduct data protection impact assessments (DPIAs) for new projects, initiatives, or changes to existing processes.
• Collaborate with cross-functional teams, including IT, legal, HR, marketing, and product development, to embed data protection into various business processes.
• Conduct regular audits and compliance checks to identify potential risks and areas for improvement in data protection practices.
• Develop and deliver data protection training and awareness programs for employees to foster a privacy-conscious culture.
• Stay up-to-date with changes in data protection regulations and best practices and ensure the company's policies and procedures.
• Act as the point of contact for supervisory authorities and data protection regulators regarding data protection compliance matters.
• Oversee data breach response and incident management processes, ensuring timely reporting and resolution.
• Prepare and submit data protection reports to executive management and relevant stakeholders.
• Collaborate with third-party vendors and service providers to ensure they meet the company's data protection standards.
• Facilitate training sessions and workshops for staff members.

Nov 2018 – Nov 2023 · 5 yrs · Bengaluru Area, India · Hybrid

• As a Privacy Specialist, responsible for evaluating privacy impacts and driving mitigation strategies to ensure Intel is compliant with global data protection laws. Responsibilities include:
• Partners with peers to articulate and drive privacy requirements in data inventory and mapping initiates
• Conduct privacy assessments of business processes, practices, products and services.
• Analyze and interpret privacy-related legislation and regulatory requirements and driving updates/decisions for internal policies and/or guidelines.
• Contribute to the definition, development, implementation and maintenance of corporate privacy compliance requirements.
• Provide subject matter expertise in the area of privacy and security, keeping abreast of new developments and best practices
• Act as a primary point of contact for engaging privacy office and respond to policy questions, privacy consultations, etc
• Support the Privacy Incident Management and Response process. Ensure reliable and prompt initiation of Privacy Incident Response when an incident or event is reported to the privacy office that are determined to be highly likely to involve Personal Information.
• As part of DSR requirement, responding to inquiries, individual data subject requests (including GDPR requests) and complaints, from initial receipt, through to response completion and recording of the engagement.

Feb 2018 – Oct 2018 · 8 mos · Mumbai, Maharashtra, India

• Manager, Privacy (APAC) overseeing all ongoing activities related to the development, implementation, maintenance of, and adherence to the organization’s privacy policies and procedures.
• Supporting global regions to standardize privacy strategies in APAC.
• Engaging with key stakeholders to proactively address privacy matters, as well as effectively respond to privacy issues that are relevant.
• Participating in conducting risk assessments with key internal stakeholders.
• Identify reasonably foreseeable internal and external threats that could result in unauthorized disclosure, misuse, alteration or destruction of customer information or customer information systems.
• Assess the likelihood and potential damage of these threats, taking into consideration the sensitivity of the personal data.
• Responding to, investigating and resolving privacy-related inquiries and complaints from data subjects, clients, employees, etc.

Jan 2017 – Jan 2018 · 1 yr

• Supported the GDPR roll out by Initiating kick-off meetings, aligning local Privacy policy to the group Privacy Management Policy, supporting training of GDPR SPOCs and assisting in getting the Data Processing Registers filled by each vertical to identify the High Risk Process and to conduct a Privacy Impact Assessment for them.
• Supported and assisted the Group Legal and Privacy Managers in reviewing and revising the existing Inter-Company Agreements. As a part of GDPR conducting gap analysis of the existing INCA DPAs.
• Lead assessor for VSSI for conducting PIA - activities included analysis of the compliance report, review of business case and transaction documents (e.g. service specification, project plans, applications, agreements).
• Provided support in conducting BS 10012: 2009 Re-Certification Audit for all VISPL locations (Pune & Ahmedabad) and ensuring 100% compliance with the existing BS Standards.
• Conducted Joint Privacy & Legal Contractual Review for all the vendors of the company, across different locations in India.
• Reviewed and analyzed the Data Protection and Privacy Policy and Data Management and Retention Policy of the company and revised it to align it with the Vodafone Group’s and VSS standards.
• Conducted Refresher Training for Data Protection & Privacy for different Business & Corporate verticals including presentation preparation of induction material. Also conducted Training Sessions for all the SPOC in accordance with the specification for Personal Information Management System.
• Reviewed and drafted commercial and transaction documents, namely - Master Services Agreements, Contractor Services agreements, Services Agreements, Inter-Company Agreements, Memorandum of Understanding and Non–Disclosure Agreements.

May 2016 – Jan 2018 · 1 yr 8 mos

• Data Protection and Privacy
•  Worked on Global Data Protection laws such as The UK Data Protection Act 1998, European Union Directives and Safe Harbour Principles.
•  Assisted in Researches under the Information Technology Act, 2000
•  Part of Data Protection and Information Security Projects
•  General legal advisory on Data Protection related issues.
• Contracts / Agreements and Policies
•   Negotiating terms of Contracts with various vendors
•  Instituting Data Protection and Privacy clauses in Standard templates and Contracts
•  Reviewed/ Revised /standardised Confidentiality Agreement.
•  Assisted in drafting / reviewing Contracts and Agreements customized to vendor needs

Oct 2015 – Nov 2015 · 1 mo · Jaipur Area, India

• Worked on Due diligence transactions and on company documents such as Memorandum of Association, Articles of Association. Prepared Legal summaries related to the companies activities. Drafted Notes and Legal opinion and Delivered a presentation on “An Analysis of Indian Mining”
• Further assisted on research issued under the following Acts:
• 1. Partnership Act
• 2. Companies Act
• 3. FSSAI Act
• 4. Micro, Small and Medium Enterprises Act

Oct 2013 – Nov 2013 · 1 mo · Mumbai Area, India

• Worked on due diligence transactions and on company documents such as, Memorandum of Association, Articles of Association, Board Resolutions, General Meeting Resolutions and Prepared Summaries of many different agreement related to a company transaction in different due diligence.
• Further assisted on research issues under:
• 1. Companies Act, 2013
• 2. Property Law
• 3. Indian Contract Act