The Firm’s Data Protection and Privacy practice is headed by our senior partner and veteran TMT lawyer, Mr. Jayantha Fernando, who, in his capacity as the chairperson of the drafting committee for Sri Lanka’s Personal Data Protection Act, No. 09 of 2022 and a board member of the first Data Protection Authority, has been instrumental in shaping and driving the development and implementation of data protection laws in Sri Lanka. 

With extensive expertise and experience in advising and assisting both domestic and international clientele in navigating the complex landscape of data compliance, our multi-disciplinary team is well-equipped and reputed for providing innovative and practical advice and solutions. We also understand the importance of ensuring that such solutions are developed collaboratively with in-house teams to be customized, actionable and to build understanding and capacity moving forward. 

Our services include a broad spectrum of data protection and privacy related legal services, including – the negotiation, formulation and drafting of requisite contracts and documentation (such as data protection and privacy policies, data processing agreements, joint controller agreements, etc.), advising on intra-group and third party cross-border transfers, conducting related data compliance and due diligence audits, assisting with and advising on responses to data breaches and related investigations or litigation, third party impact assessments from a legal and compliance perspective, as well as broader data governance strategy and framework development.