Corpolit & Co. LLP protects and respects your privacy and processes data as a data controller in accordance with the Indian Information Technology Act, 2000, the Indian Digital Personal Data Protection Act, 2023, the European Data Protection Regulation (GDPR) and other applicable laws. This policy explains how we may process your personal data. Any updates to this policy will appear on this page and may also appear as an update on the Firm’s website. However, we assume no liability for any failure to notify such updates on the website. We recommend that you check this page periodically in order to review our current privacy policies and practices and we further request you to note that your continued use of our website after any changes have been made to this policy shall be deemed an acceptance of the changed terms of this policy.

Personal Data

Personal data means any information relating to an identified or identifiable natural person. We usually collect personal data because you have provided it to us, for example by entering into an agreement with us, giving us your business card, entering your data on our website, agreeing to receive briefings and other publications from us, or applying for a position with us. We may also collect your personal data from other sources, including publicly available sources.

Personal data that we may collect and process may include:

• Basic information such as your name, your employer and your title or position;
• Contact information such as your e-mail address, postal address and phone number;
• Financial information, such as bank account and credit card details;
• Identification and background information provided by you or otherwise collected by us as part of our business acceptance procedures;
• Details of your visits to our offices or of other meetings that we may have with you;
• Data you provide to us for the purposes of attending events or meetings, such as access and dietary requirements;
• Information that you may provide to us for the purpose of a job application;
• Data related to your visit to our website or in relation to materials and communications we send you electronically;
• Any other personal information that you may provide to us or we may legitimately obtain from a third party source.

How do we use your Personal Data?

We will only process your personal data in connection with our ordinary professional activities, including the fulfillment of our legal or regulatory obligations. We will do so on the basis of your consent, performance of a contract, compliance with a legal obligation or legitimate interest. The purposes for which we may process your personal data include:

• Providing our services;
• Complying with our legal and regulatory obligations;
• Processing your payment requests through our payment gateway provider;
• Managing our business development and marketing activities, such as briefings and invitations to our events;
• Keeping you informed by sending out informational updates;
• Handling your job application or otherwise managing our recruitment processes;
• Generating statistics regarding the use of our website or to analyse and improve on our website; and
• Fulfilling our legal, regulatory and risk management obligations, including establishing, exercising or defending legal claims.

Security of your Personal Data:

We maintain appropriate technical and organizational security measures to protect your personal information against loss, destruction, misuse, damage, alteration or disclosure.

Your rights regarding your Personal Data:

As a data subject, you have a number of legal rights under applicable data protection legislation. Please note that certain of these rights may be limited in certain cases, for example to protect legal privilege or to satisfy our legal or regulatory obligations. In particular, you are entitled:

• To request details of the personal data we have concerning you;
• To have your personal information rectified or corrected if it is inaccurate or incomplete;
• To request the erasure of the personal data that relates to you;
• To withdraw your consent;
• To object to or request restrictions on the processing of your data;
• To have personal data transmitted to another organization in an appropriate format;
• To object to profiling; and
• To lodge a complaint with a supervisory authority.

If you wish to exercise these rights, you may, at any time, contact us using the contact details at the end of this policy document.

Sharing with Others:

We may disclose your personal information to third parties for purposes mentioned in this document. These include without limitation:

• third parties relevant to the legal services we provide, such as counterparties, other counsel, courts, regulatory bodies and government institutions;
• third parties we engage with in order to comply with legal obligations, such as our professional advisers and auditors; and
• third parties in connection with the processing of your personal data.

We will only disclose your personal data to such third parties for the purposes stated in this Privacy Policy. Where we do so, we will do this in accordance with applicable data protection laws and will take appropriate safeguards to ensure its integrity and protection.

Retention Period:

We will not store the personal data of users any longer than is necessary to achieve the purposes stated in this Privacy Policy, or to comply with laws or regulations.

Non-existence of Automated Decision Making:

We do not use automated decision-making or profiling. Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person.

Contact us for more Information

If you require more information or have any questions or complaints regarding the treatment of your personal data, please email us at partner@corpolitllp.com or write to us at Corpolit & Co. LLP, E-62, Greater Kailash Enclave - I, New Delhi, PIN 110048, India.