Factsheets: 📈 Markets 🎯 Mandates 📋 Case Studies 📘 SOPs 🏛 Trade Bodies 🏙 Cities 🌍 Countries 🇮🇳 Indian States ⚓ Ports 🏛️ SEZs 🤝 Blocs 📜 FTAs 🛤 Corridors ⚙ Verticals 📦 Commodities 🧮 Tools ⚖️ Compare 🌐 Bilateral Hubs 📚 Library 🎓 Academy ✍️ Essays 📰 Blog 🔤 Lexicon ❓ FAQ 📡 Authority Sources ⚡ Daily Pulse 📰 Topic Briefs 📡 Google Signals 🧭 Scope Scape cron-refreshed
Live factsheets · cron-refreshed

All factsheets at a glance

Command center →
📈 Markets
554
global + India · commodities + indices + shares + crypto + FX
minute
🎯 Mandates
69
sell + buy · live
daily
📋 Case Studies
37
closed · anonymised
weekly
📘 SOPs
42
step-by-step playbooks
weekly
🏛 Trade Bodies
1,350
291 baseline + 1059 hand-curated
monthly
🏙 Cities
1,584
global atlas
daily
🌍 Countries
184
multilateral
weekly
🇮🇳 Indian States
37
state trade profiles
monthly
⚓ Ports
52
global maritime gateways
monthly
🏛️ SEZs
31
global SEZ profiles
monthly
🤝 Blocs
28
tracked
monthly
📜 FTAs
526
active or signed
monthly
🛤 Corridors
37
tracked
monthly
⚙ Verticals
50
sectoral
weekly
📦 Commodities
51
HS-coded intelligence
monthly
🧮 Tools
105
free utilities
monthly
⚖️ Compare
pairwise combinations
monthly
🌐 Bilateral Hubs
184
India × every country
weekly
📚 Library
140
interconnected
monthly
🎓 Academy
25
trade education
monthly
✍️ Essays
30
long-form analysis
monthly
📰 Blog
34
editorial
weekly
🔤 Lexicon
312
glossary terms
monthly
❓ FAQ
155
curated Q&A
monthly
📡 Authority Sources
140
curated · vetted
hourly
⚡ Daily Pulse
145
rolling 5,000 cap
hourly
📰 Topic Briefs
29
permanent archive
hourly
📡 Google Signals
Trends·News·Alerts
hourly
🧭 Scope Scape
61
11 scopes
hourly

GDPR Compliance for Indian IT Companies: What You Actually Need to Do

GDPR applies to any organisation processing personal data of EU residents regardless of where the organisation is located. An Indian software company in Bengaluru processing EU customer data for its German client is subject to GDPR. Fines for serious violations: up to EUR 20 million or 4% of global annual turnover — whichever is higher.

The 6 essential GDPR obligations for Indian IT companies:

1. Data Processing Agreement (DPA). When processing EU personal data on behalf of an EU client (as a data processor), a DPA must be in place specifying what data is processed, purposes, security measures, sub-processing arrangements, and obligations of both parties. EU clients will not engage Indian IT vendors without a signed DPA.

2. Standard Contractual Clauses (SCCs). Data transfers from EU to India require SCCs — standard contractual terms approved by the EU Commission. Include Module 2 SCCs (Controller-to-Processor) in all India-EU contracts.

3. Data Protection Officer. Indian IT companies processing EU personal data at large scale should appoint a DPO who monitors compliance, conducts Data Protection Impact Assessments, and serves as the contact point for EU supervisory authorities.

4. Records of Processing Activities. Maintain a record of all personal data processing: what data, what purpose, where stored, who has access, retention period. Mandatory for organisations with 250+ employees.

5. Data breach notification. Notify EU client within 24 hours (contractual) and relevant supervisory authority within 72 hours if breach poses risk to individuals. Have a breach response plan ready.

6. Technical security measures. Implement: encryption at rest and in transit, role-based access controls, multi-factor authentication, regular penetration testing, and security awareness training. Document for client audits.

All Essays
PhiloJain Music
Loading…

Explore

Explore the AJG knowledge graph

Every page in the AJG platform cross-links to these primary entities. Click any pill to explore that branch of the knowledge graph.

All hubs · 80 surfaces · click to expand ↓