This interview has been published by Anshi Mudgal and The SuperLawyer Team

With your background in B.Sc. Zoology (Hons) from Delhi University, what inspired you to pursue transition into a career law?
I have always loved animals and had a deep desire to conserve the ecosystem. And so, I pursued Zoology (hons.). However, I found myself spending more time dissecting animals in the lab rather than engaging in real-world conservation, and I realized that wasn’t my true calling. Instead, I tapped into my passion for justice, perhaps inspired by my grandfather, who was a distinguished advocate at the Calcutta High Court. Law felt like the perfect path to channel my analytical skills, problem-solving abilities, and commitment to helping others navigate complex systems. The prospect of influencing businesses, individuals and society through legal frameworks ultimately motivated me to choose the legal profession.
Having begun your career with leading companies like Paytm and MakeMyTrip, what are some key learning experiences from these roles that helped shape the foundation of your legal practice?
Beginning my legal career with industry giants like Paytm and MakeMyTrip were deep learning experiences that shaped my professional trajectory. These dynamic, high-growth environments coincided with the emergence of fintech and e-commerce in India, at a time when payment gateways, wallets, and online marketplaces were still novel concepts. As one of the first few legal professionals in India to finalize merchant onboarding processes and payment gateway agreements, I was at the forefront of a rapidly evolving legal landscape. I learned that legal decisions cannot be made in isolation; and that they must align with broader business strategies, technology, regulatory frameworks and stakeholder expectations.
Working in such a dynamic landscape helped me realise the need to understand business at a granular level, recognizing that legal solutions must be both proactive and adaptable to the shifting needs of the market. Equally important was the realization that close collaboration with business teams is essential, ensuring that legal counsel supports and aligns with commercial objectives while managing risk effectively. These formative years shaped my approach to legal practice, grounding it in practical, risk-aware solutions that are strategically integrated with business’s broader goals.
Given your extensive experience in data protection and privacy compliance across jurisdictions such as the EU, USA, Brazil, and India, how do you ensure your organization’s privacy policies remain up-to-date and compliant with evolving global regulations like GDPR, CCPA, and HIPAA? Could you elaborate on the process you follow for conducting Data Protection Impact Assessments (DPIAs) and ensuring ongoing compliance?
Keeping privacy policies compliant in an ever-changing global landscape is a real challenge, but it’s also incredibly rewarding. To stay on top of regulations like GDPR, CCPA, HIPAA, and other global frameworks, it’s essential to have a clear understanding of the data being handled by the organization. Proper classification of data ensures that each type of data is managed according to its specific requirements. Regular audits of current policies are crucial for identifying gaps and aligning practices with the latest regulatory requirement; and ensuring data collection, storage, and sharing are compliant. I actively engage with legal-tech networks like the DPO Club, attend relevant webinars, and consult with experts across different jurisdictions. When conducting Data Protection Impact Assessments (DPIAs), I follow a rigorous process that begins with identifying potential privacy risks. Collaborating closely with business, product, and technology teams helps me mitigate these risks, ensuring our policies are not only compliant but also serve the best interests of our users. Continuous reviews, audits, and training are essential to maintaining ongoing compliance in this dynamic environment.
You have significant experience in standardizing and reviewing high-risk agreements across various teams. Could you describe your approach to negotiating complex contracts, such as technology development or licensing agreements, with international partners? How do you ensure these contracts are both legally sound and strategically aligned with the company’s goals?
Negotiating complex contracts in areas such as tech development, licensing, SaaS, fintech, and transactional agreements is one of the most stimulating aspects of my role. I approach these agreements with a careful yet flexible mindset, and after fully understanding the intricate nature of the technologies involved. The growing integration of artificial intelligence, coupled with the regulatory intricacies of fintech and transactional law, adds another layer of complexity. It’s essential that the terms are not only legally sound but also strategically aligned with the company’s Memorandum of Association (MOA), Articles of Association (AOA), shareholder agreements, and Investor Protection matters. Ensuring compliance and minimizing risk requires close collaboration with cross-functional teams, guaranteeing that agreements are robust, enforceable, and fully aligned with both legal requirements and business objectives.
In your current role, you’ve led cross-functional teams to deliver projects on time, showcasing strong leadership and collaboration. How do you effectively manage teams across legal and business functions, especially in complex projects that require close coordination between multiple departments?
I focus on clear communication and strong collaboration. It’s critical to connect with marketing/sales, tax, finance, tech, and SCM to ensure everyone’s inputs are met and validated. I prioritize regular check-ins and transparent discussions to keep everyone aligned on objectives, timelines, and potential risks. By fostering an environment where cross-functional teams feel comfortable sharing insights, risk can be mitigated.
As an expert in Data Privacy Law with knowledge of various global privacy laws, such as GDPR, PDPB, Australian Privacy, and US laws, how do you view the evolution of India’s privacy landscape, particularly with the DPDP Act? What areas do you think require improvement based on your understanding of these international laws?
India’s privacy landscape is rapidly evolving with the introduction of the Digital Personal Data Protection (DPDP) Act, but much depends on the upcoming rules and their practical application. While the Act is a significant step forward, there are key questions, particularly around defining ‘significant data fiduciaries’ and managing end-user consent within existing tech ecosystems. The success of the DPDP Act will ultimately depend on its enforcement and how businesses implement it in practice.
Managing work commitments and handling stressful situations daily must be demanding. How do you balance your professional responsibilities with personal obligations, and what strategies do you use to remain calm in high-pressure situations? What motto or philosophy helps you stay motivated?
Balancing work and life can feel like juggling flaming swords, but I’ve learned to embrace the chaos. My secret- I’ve made a pact with stress: ‘You can hang around, but we’re not going to be best friends.’ I take regular breaks, go for walks, and create to-do lists so detailed they could be mistaken for novels. Staying organized and setting boundaries is key though sometimes my calendar looks like a colourful game of tetris. When challenges arise, I focus on solutions and try to keep a cool head which becomes tough sometimes. My motto is ‘Focus on what you can control and let go of the rest.
What advice would you give to aspiring legal professionals who hope to follow a career path similar to yours, working for large corporations in a legal capacity? Additionally, could you share the resources you rely on to stay informed about the latest trends in data privacy and cyber law, and recommend them to learners interested in this field?
To aspiring legal professionals, my advice is simple: be curious, stay humble, and embrace continuous learning. The legal field is constantly evolving, especially in areas like data privacy and cyber law. To stay ahead, I recommend diving into resources like IAPP, DSCI and podcasts focused on data privacy. These are great ways to keep up with the latest trends and best practices. Networking with professionals in the field and attending conferences or webinars can also provide valuable insights. Most importantly, don’t be afraid to step out of your comfort zone and take on challenging roles that push you to grow.
Get in touch with Taniya Yadav –
