Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Kartik Arora

Gurgaon

Summary

Energetic legal and compliance professional having experience of handling data privacy, corporate, forex and other compliance/ legal matters.

Overview

7
7
years of professional experience
8
8
Certificates

Work History

Data Privacy Analyst (Band 30)

American Express India Private Limited
Gurgaon
07.2024 - Current
  • Conducting Privacy Risk Assessments/Data Privacy Impact Assessments (DPIAs) for new products/technological solutions/processes for the EU, UK, Australia, Canada, and USA Markets.
  • Enhancing company's privacy program to address the requirements of the EU AI Act.
  • Conducting reviews of Operational Risk Events to identify root causes and mitigating gaps.
  • Ensuring records of processing activities are accurately maintained in line with GDPR requirements including the requirements of EU AI Act.
  • Developing and delivering training programs on global privacy compliance to employees across the globe.
  • Review and mapping of appropriate disclosures on the organization's websites and tools.
  • Implementation of necessary changes in the Privacy Program for the Indian Market in line with the requirements of the DPDPA, 2023.
  • Providing support, guidance, and training to junior analysts in the team.

Senior Analyst - Data Privacy

KPMG Global Services Private Limited
08.2023 - 07.2024
  • Handling all aspects of GDPR compliance, including policy development, implementation, training, and monitoring
  • Responding to Subject Access Requests (SARs) in line with GDPR timelines and requirements
  • Ensuring records of processing activities are accurately maintained in line with GDPR requirements
  • Building, maintaining, and advancing company's privacy program, including awareness initiatives and risk management strategies
  • Conducting Data Privacy Impact Assessments (DPIAs) to identify and mitigate privacy risks associated with new projects and initiatives
  • Negotiating Data Processing Agreements (DPAs) with vendors and clients, ensuring alignment with GDPR requirements
  • Developing and delivering training programs on GDPR compliance to employees across all departments
  • Monitoring and reporting on privacy incidents, including maintaining up-to-date records of all incidents
  • Collaborating with legal, IT, security, and other relevant departments to ensure consistent data protection practices.

Senior Associate - Compliance

Evalueserve SEZ (Gurgaon) Private Limited
11.2022 - 08.2023
  • Ensuring compliances under Data Protection, Corporate, Information Technology and other relevant laws; Setting up framework for maintenance of Records of Processing Activities
  • Drafting and vetting of Master Service Agreements, Data Processing Agreements ("DPAs"), Privacy Notices, Privacy Statements; Conducting Data Protection Impact Assessments ("DPIA"); Responding to Data Subject Requests;

Compliance Executive

Luther Corporate Services Private Limited
06.2019 - 11.2022
  • Providing advisories on compliances as per Global Data Protection Laws, Information Technology Laws, Foreign Exchange Laws, and Labor Laws; Conducting Data Protection Impact Assessments ("DPIA"); Conducted training sessions on data protection laws for employees; Drafting and vetting of Data Processing Agreements including SCCs; Drafting of Privacy Policies and Privacy Notices; Incorporation of business entities in India; Handling compliances under Indian Corporate Laws and Foreign Exchange Laws.

Compliance Assistant

Draphant Consultants Private Limited
07.2018 - 06.2019
    • Incorporation of Indian Companies, LLPs and Subsidiaries of Foreign Companies; Compliances under Companies Act, 2013 and Foreign Exchange Management Act, 1999
    • Setting up of privacy compliance framework for Platforms/SaaS; Providing advisories on various legislative matters including but not limited to data privacy matters, information technology matters, etc.; Development of policies and delivery of privacy training for employees

Education

LLB -

University of Rajasthan
Jaipur, India
06.2021

Company Secretary -

Institute of Company Secretaries Of India
Delhi, India
06.2019

Bachelor of Commerce -

Sri Aurobindo College - University of Delhi
Delhi, India
05.2018

High School Diploma -

DAV Public School
Gurgaon, India
05.2014

CIPP/E (Score - 469/500) -

IAPP
11.2024 - 11.2024

Skills

Compliancesundefined

Certification

OneTrust Certified Privacy Professional

Timeline

CIPP/E (Score - 469/500) -

IAPP
11.2024 - 11.2024

Data Privacy Analyst (Band 30)

American Express India Private Limited
07.2024 - Current

Senior Analyst - Data Privacy

KPMG Global Services Private Limited
08.2023 - 07.2024

Senior Associate - Compliance

Evalueserve SEZ (Gurgaon) Private Limited
11.2022 - 08.2023

Compliance Executive

Luther Corporate Services Private Limited
06.2019 - 11.2022

Compliance Assistant

Draphant Consultants Private Limited
07.2018 - 06.2019

LLB -

University of Rajasthan

Company Secretary -

Institute of Company Secretaries Of India

Bachelor of Commerce -

Sri Aurobindo College - University of Delhi

High School Diploma -

DAV Public School

Similar Profiles

  • Saurabh Shukla

    Saurabh ShuklaSaurabh Shukla

    Operations Support/Customer Service Analyst at American Express India Private LimitedOperations Support/Customer Service Analyst at American Express India Private Limited

    View Profile
  • Sangeet Kapoor

    Sangeet KapoorSangeet Kapoor

    Lead Financial Analyst at American Express India Private LimitedLead Financial Analyst at American Express India Private Limited

    View Profile
  • Natasha Lyall

    Natasha LyallNatasha Lyall

    Senior Customer Service Analyst at American Express (India) Private LimitedSenior Customer Service Analyst at American Express (India) Private Limited

    View Profile
Kartik Arora