Selected engagements — anonymised where the client requires it, named where they have authorised it. Every case below is a deliverable that survived a regulator review, a board meeting, or a diligence process.
Six selected engagements that illustrate how we work — from rapid readiness against new legislation to multi-year DPO arrangements that operate at the depth of in-house counsel.
Multi-entity Indian EdTech platform — full DPDPA readiness across consent, parental verification, retention and DSR machinery. Delivered with a Record of Processing covering 87 systems and 240+ data flows.
Read the case CS · 02Regional healthcare operator preparing for SDAIA scrutiny. Five-week regulator-readiness review, finding-register remediation plan, and inspection-day support — with zero material findings on review day.
Read the case CS · 03Multi-property hospitality group with guest data flowing across UAE, KSA and India. Full TIA library, SCC architecture and a defensible cross-border data flow map for board and audit-committee reporting.
Read the case CS · 04Two-year fractional DPO arrangement covering customer DPA negotiation, sub-processor governance, breach drill leadership and quarterly board reporting — at a cost the founder-led organisation could absorb.
Read the case CS · 05Regional digital publisher rebuilding subscriber-consent and ad-tech compliance. End-to-end consent management platform deployment, IAB TCF alignment, and a documented evidence trail for advertiser audits.
Read the case CS · 06Mobility platform under acquisition diligence. Six-week privacy posture upgrade — RoPA, DPIAs for telematics processing, breach response framework — delivered to a standard the acquirer's counsel signed off on without remediation conditions.
Read the caseA representative sample. Many engagements are confidential or anonymised — what follows are sectors and operational profiles, not specific brands, where attribution is restricted.
The outcomes that mattered most to the people we worked with — described by them, not us.
When the inspection notice arrived, we had the evidence pack ready that afternoon. That alone justified the engagement three times over.
They told us what we did not want to hear, then helped us fix it. That is rarer in this market than it should be.
Our acquirer's counsel asked for the source documents. They went through unchanged. We have not had that experience with any other privacy advisor.
A standing advisor we trust at the level of outside counsel — without the fees of outside counsel.
We can share a redacted version of a comparable engagement under NDA — including the deliverable structure, scope and outcomes. Just ask.
Request a case pack