At Esplora Legal, we are committed to protecting the privacy and security of the personal data we collect from our clients, website visitors, and partners across the India-China-Central Asia corridor. This policy explains how we process your “Digital Personal Data” in compliance with the Digital Personal Data Protection Act (DPDP), 2023, and international privacy standards.
1. Data We Collect
We collect data through your interaction with our website and our professional services:
- Voluntary Information: Name, email address, phone number, and professional affiliations provided via contact forms or consultation requests.
- Automatic Data: IP addresses, browser types, and device identifiers collected via cookies to optimize website performance and security.
- Client Data: Information necessary for legal representation, including corporate documents, financial records, and identification for “Know Your Client” (KYC) compliance.
2. Purpose of Processing
In accordance with the principle of Purpose Limitation, we only process your data for:
- Providing legal advisory and market entry services.
- Responding to inquiries and scheduling consultations.
- Complying with statutory obligations (e.g., anti-money laundering regulations).
- Protecting the security and integrity of our digital platforms.
3. Consent & Your Rights
Under the DPDP Act, you are the “Data Principal.” You have the following rights:
- Right to Access: You may request a summary of the personal data we hold about you.
- Right to Correction/Erasure: You may ask us to update inaccurate data or delete data that is no longer necessary for the purpose it was collected.
- Right to Withdraw Consent: You may withdraw your consent at any time. We will provide an easy mechanism (e.g., a “Withdraw Consent” link) to do so.
- Right to Grievance Redressal: If you have concerns about how your data is handled, you may contact our Grievance Officer (see Section 7).
4. Cross-Border Data Transfers
As a firm with offices in Mumbai, Shanghai, Astana, and Tashkent, your data may be transferred across borders.
- We ensure that such transfers comply with the regulations of the originating country (such as India’s DPDP cross-border rules and China’s PIPL).
- We only transfer data to jurisdictions that provide an adequate level of data protection or where we have established robust contractual safeguards.
5. Data Security & Retention
We implement “Reasonable Security Safeguards” to prevent data breaches:
- Encryption: All sensitive data is encrypted at rest and in transit.
- Access Control: Access to personal data is restricted to authorized personnel on a “need-to-know” basis.
- Retention: We retain personal data only as long as necessary to fulfill the purpose of collection or as required by law (typically 7–10 years for legal files).
6. Cookies & Tracking
Our website uses cookies to enhance user experience. You can choose to “Decline” non-essential cookies through our cookie banner.
Note: Declining cookies may limit certain functionalities of the website.
7. Contact Information (Grievance Redressal)
If you wish to exercise your rights or file a complaint, please contact our Data Protection Officer (DPO):
Esplora Legal Attn: Grievance Officer / DPO
Address: Level 18, C Wing, One BKC, Bandra Kurla Complex, Mumbai, India.
Phone: +91-90319 04888