India: Offshoring to India: Are Your Trade Secrets and Confidential Information Adequately Protected?

Last Updated: 26 March 2010
Article by Sonia Baldia

Originally published 12 February 2010

Keywords: India, outsourcing, IT, BPO, knowledge process offshoring, KPO, R&D,

Despite growing competition from emerging markets around the world, India continues to be the number one destination for outsourcing services involving information technology and business processes (IT/BPO services). In recent years, moreover, a new model of global sourcing known as "knowledge process offshoring" (KPO) has taken hold, and India has quickly become the global leader of KPO services.

KPO involves the offshore outsourcing of knowledge-driven or "high-end" processes that require specialized domain expertise. Today, Indian suppliers of KPO successfully deliver outsourced processes across a growing spectrum of sophisticated disciplines, including research and development (R&D), insurance underwriting and risk assessment, financial analysis, data mining, investment research, statistical analysis, tax preparation, engineering and design, animation, graphics simulation, medical services, clinical trials, legal services and more.

As offshoring of services to India moves up the value chain from IT/BPO to KPO, the protection of intellectual property (IP)—including any trade secrets or confidential information that may be transferred to or created in India in the context of a KPO sourcing—becomes an ever more critical concern for the offshoring customer. IP concerns must be knowledgeably addressed to maximize the benefits and strategic incentives that the offshoring model can deliver without losing control of valuable customer IP. This article identifies key issues that any offshoring customer should carefully assess in order to mitigate the risks associated with offshoring trade secrets and other confidential information to India.

When offshoring a high-end process or functionality to India, knowledge (such as source code, formulae, designs, specifications or experimental data) that is transferred offshore is often confidential in nature and is generally not suitable for local registrations in the form of patents.  Therefore, before initiating an offshoring process, a US customer must seriously consider how it can best protect this information to maintain its competitive advantage. A primary concern for a US customer should be the Indian service provider's ability and willingness to safeguard customer-owned trade secrets and other commercially valuable confidential information against misappropriation, misuse, unauthorized disclosure, sabotage or theft.

India's Existing Legal Framework for Trade Secrets

In the United States, trade secrets are afforded statutory protection at both federal and state levels, with meaningful civil and criminal remedies to counter misappropriation. Penalties for misappropriation can, and often do, include significant compensatory and punitive damages, injunctive relief and attorneys' fees. This is not the case in India, however. Indian law provides no statutory or other legal protection of trade secrets. This non-legal environment presents numerous challenges concerning trade secret protection and enforcement, and it can jeopardize a US customer's IP unless the customer carefully employs certain contractual mechanisms that are enforceable in India.

In the Indian legal context, parties must rely primarily on contracts to protect trade secrets. Indian law recognizes the common law tort of "breach of confidence" irrespective of the existence of a contract. But the tort's utility is limited in an offshore sourcing context because the duty of confidence at issue can be enforced only against a party that is either a fiduciary to the US customer or is in an employer-employee relationship with the complaining party. Also, the duty arguably extends only to the unauthorized disclosure of confidential information to a third party and does not prevent the recipient's own "misappropriation" of the information.

Perils of Subcontracting

Consider a hypothetical situation involving an Indian service provider that has engaged a subcontractor in India to perform the offshored services for a US customer. If the Indian subcontractor discloses or misappropriates the US customer's trade secrets or confidential information, the customer has neither a breach-of-confidence claim against the subcontractor nor a breach-of-contract claim, except in the unlikely event that the US customer has contracted directly with the subcontractor.

The contract between the US customer and the Indian service provider might well hold the provider liable for damages caused by the subcontractor's inappropriate disclosure. But that cause of action still does not directly address or foreclose the subcontractor's past and possibly future misconduct. Essentially, then, the US customer is left without a direct remedy against the Indian subcontractor and without an immediate legal means to effectively stop the disclosure.

Employee Misconduct

Concern for third-party subcontractor misconduct unfortunately exists with respect to the misconduct of employees and ex-employees of the Indian service provider. Surveys reveal that a majority of data-misconduct situations originate with employees or ex-employees of a service provider. Recently reported instances involving the theft of trade secrets belonging to western companies offshoring to India illustrate the gaps in Indian law that expose IP in offshore transactions to real vulnerability.

In 2002, for example, a former employee of Geometric Software Solutions Ltd., an Indian software vendor, attempted to sell proprietary source code owned by SolidWorks, a US client of Geometric, to the client's competitors. The former Geometric employee was caught red-handed in a sting operation, but he could not be effectively prosecuted in India because the source code was considered a trade secret. Indian law did not recognize "misappropriation" of trade secrets, and the US client did not have any contractual arrangements with the former employee with which it could directly enforce its rights.

A similar situation arose in 2004, relative to an employee at an India-based software development center of Jolly Technologies, a US customer. The employee misappropriated portions of the company's IP by allegedly uploading files that contained source code for a key product to her personal Yahoo e-mail account. The theft was detected in time to prevent the employee from distributing the stolen code. But once again, due to gaps in India's IP law the US customer could not successfully prosecute the employee.

These and other cases have drawn close scrutiny and have served as a wake-up call to the global sourcing community and the Indian outsourcing industry. Indian providers have aggressively lobbied their government to strengthen the nation's IP regime and thus to demonstrate to the world's investor community that India is acting to protect foreign IP.

The risks associated with subcontractor and employee misconduct relative to IP in India are very real. It is critical, therefore, for US customers to be aware of this enforcement gap and to address it in their operative contracts with Indian service providers. Customers must also work to carefully scrutinize relevant contracts between Indian service providers and their subcontractors.

Effective Strategies to Safeguard Trade Secrets and Confidential Information Offshored to India

Drafting comprehensive confidentiality and IP ownership agreements that are enforceable in India

Trade secrets and confidential information must be protected with well-constructed contractual arrangements between a US customer and its Indian service provider. It is imperative, too, that any contractual relationship between the service provider and its subcontractors includes an express right of enforcement by the US customer against the subcontractors.

Contract provisions should clearly and effectively prohibit the wrongful disclosure and misappropriation of trade secrets and proprietary data by the service provider and its subcontractors. In addition, the contract should expressly acknowledge the US customer's right to enforce violation of these provisions for damages and of the customer's right to seek to enjoin such wrongful acts locally.

Confidentiality and non-competition covenants are enforceable under Indian law and offer a vital line of defense in the US customer's effort to protect trade secrets and confidential information in India. A US customer must insist upon unambiguous provisions in the operative contract requiring the Indian service provider to ensure specific performance standards. These standards should explicitly oblige the provider to:

  • maintain the customer's trade secrets and confidential information in strict confidence, not only during the term of the contract but also after its termination;
  • permit controlled access on a "need-to-know" basis only, including the customer's right to enforce such obligations directly against service provider personnel having access to the customer's information; and
  • accept contractual responsibility and liability for any breach of confidentiality obligation or misuse of such information by itself, its subcontractors, employees or former employees.

A well-designed operative contract should enable the customer to immediately terminate the agreement in the event of a service provider's failure to comply with its contractual confidentiality obligations. In addition, it should result in uncapped financial consequences to the service provider.

Performing due diligence to avoid chain-of-title issues and to ensure pass-through non-disclosure obligations

Because prevention is better than cure, a US customer should conduct comprehensive due diligence regarding the Indian service provider's track record of maintaining data security. Prior to entering into a final contractual arrangement, the customer should perform due diligence as thoroughly as possible to make sure that the Indian service provider has written agreements in place with its employees and consultants that address IP ownership and non-disclosure obligations. These agreements should be closely scrutinized to ensure they sufficiently protect the US customer's rights and interests and are valid and enforceable under Indian law.

To the extent practicable, and depending on the nature and sensitivity of customer IP involved in the project, a US customer should consider entering into non-disclosure and IP ownership agreements directly with the provider employees and consultants who will be assigned to the project. In that way, confidentiality and IP ownership obligations should remain in force even after the employee or consultant is no longer employed or engaged by the Indian service provider. In addition, the US customer will have contractual privity with such employees and consultants, and it will have legal standing to sue in India (and, presumably, in other venues) in the event of a breach of their obligations.

Imposing non-compete restrictions that are enforceable in India

The operative contract should also include non-competition covenants that restrict the Indian service provider from using competitive technology or personnel in connection with the customer's competitors. The US customer must bear in mind, however, that India has stringent laws against overly restrictive trade practices. The enforceability of a non-compete covenant, then, is subject to a case-by-case determination, and any particular terms cannot in every case be assumed to be enforceable.

The Indian Contract Act provides that a non-compete agreement will not be enforced to the extent that it restrains a person from exercising a lawful profession, trade or business. Judicial precedent under Indian law indicates, however, that an Indian court will enforce a restrictive covenant if it meets what is known as a "reasonableness" test. For example, a restrictive covenant imposed during the period of the subject's employment is more likely to be upheld than is a covenant operating after the termination of employment.

In Niranjan Shankar Golikari v. The Century Spinning & Manufacturing Co. Ltd., the Supreme Court of India upheld a restrictive clause in an employment contract that imposed constraints on the employee not to reveal or misuse during the period of the employment any trade secrets that the employee learned while employed. Similarly, Indian courts tend to apply a stricter level of scrutiny to non-competition provisions in contracts for the provision of services than to contracts solely for the sale of a business or to franchise agreements that restrain the franchisee from dealing with competing goods. This tendency on the part of the courts makes the drafting of non-compete provisions in offshoring contracts a critical and sensitive task.

Enforcing proper checks and balances on subcontracting

Subcontracting by the Indian service provider can dramatically increase the customer's IP risk profile. Therefore, proper checks and balances should be placed on the provider's ability to subcontract any portion of the offshored services.

To the extent possible, the US customer should require that subcontractors enter into contractual commitments that are directly enforceable by the US customer. At the very least, the US customer should insist upon contractual controls that:

  • require prior approval rights with respect to all subcontractors and that retain the customer's right to review the terms of all subcontracts;
  • require flow-down of certain mandatory provisions to safeguard the US customer's rights and interests, such as data privacy, IP ownership and assignment provisions and confidentiality obligations;
  • enable performance of thorough due diligence with respect to subcontractors;
  • require the Indian service provider to be contractually responsible for subcontracted functions; and
  • maximize, to the extent practicable, the customer's chances in India of being positioned legally to enforce contractual protections regarding data privacy, confidentiality and IP ownership directly against the subcontractor.

Implementing effective information governance measures

The US customer should perform a thorough, engagement-specific risk assessment prior to sending any sensitive information offshore. The customer should also develop and implement effective information-governance strategies and internal security measures to control the access, availability and dissemination of trade secrets and confidential information in India. Key measures should include:

  • requiring meaningful background checks to be performed on employees and consultants engaged by the Indian service provider and assigned to the US customer's account;
  • permitting controlled access on a need-to-know basis;
  • managing attrition and turnover rates of employees;
  • briefing employees on security measures and conducting exit interviews of ex-employees to remind them of continuing confidentiality obligations;
  • performing routine audits to verify a service provider's compliance; and
  • to the extent possible, marking hard copy documents and electronic data with "confidential" or "proprietary" legends prior to their circulation.

Given that most security breaches result from internal employee misconduct, the US customer should require its Indian service provider to implement sound personnel security controls. These measures should be implemented via a three-pronged approach of employee screening, rigorous training and robust disciplinary processes.

Assessing need for local patent registrations in India

Before embarking on an offshoring transaction involving India, a US customer should determine whether to protect IP that might be shared or created in India through trade secrets or by obtaining a local Indian patent. In this context, a fundamental question is whether to seek local patent protection for any invention that is either patentable or already patented outside India and that will become available in India as a result of the outsourcing engagement. Similarly, the customer must determine if local patent protection should be sought for any project-related innovations originating in India and if subsequent global filings should be initiated for any India-originated innovations.

By applying a well-considered patent strategy upfront, a US customer can minimize both infringement risk and the risk of potential loss of any global patent rights in light of differing standards of patentability worldwide. To a large extent, the customer's patent strategy will be driven by the nature of the offshoring project and by the degree of critical IP involved. For example, in a KPO in India involving research and development of chemical entities, it may be worthwhile to obtain local patent protection for the chemical entities. Similarly, in a KPO involving the manufacture of drugs in India, the customer may wish to obtain local patent protection for the drug formulations in order to prevent local generic companies from copying the drug.

A key benefit of patent protection is that it provides the patent owner with a bundle of strong statutory rights. These rights may be enforced against any third party in India to stop unauthorized use of the patented technology, regardless of the existence of any contractual or fiduciary relationship.

Furthermore, independent development of a patented technology, unlike a trade secret or a copyright, is not a defense to a claim of infringement. While not usually a significant risk, a US customer in India should generally be aware that Indian patent laws empower the government to grant a "compulsory license" to a private party or a government agency under certain circumstances.

India's patent laws also provide for broad "research and experimental use" exceptions. Customers should be aware that under these exceptions, a third party's experimental use of a patent, even for commercial purposes and without the patent owner's consent, does not constitute infringement in India.

Finally, a US customer must keep in mind that computer programs and business methods continue to be per se not patentable in India. Consequently, they must be protected as trade secrets through appropriate contractual protections.

Other IP considerations

As a practical way to manage IP risk, the US customer should conduct and implement best risk-management practices prior to initiating any KPO arrangement in India. At a minimum, the customer should:

  • perform detailed, upfront due diligence of the Indian service provider to evaluate the entity's track record for protecting IP;.
  • be extremely selective about the IP that is to be offshored and avoid where possible offshoring critical technology;.
  • maintain core components of the offshored IP in the United States; and
  • require frequent disclosure of work-in-progress and periodic receipt of incremental project deliverables during the course of the initiative, in order to avoid being denied access to such technology in the event of a dispute or bankruptcy.

To further mitigate risk, a customer may adopt a "distributed R&D model" by dividing R&D responsibility among multiple supplier entities and, if appropriate, across multiple jurisdictions. The customer should note, however, that distributed R&D can be expensive, since additional capital and resources will be required to manage and integrate results from the various participating entities.

Exploring mechanisms to mitigate enforcement risks in India

The enforcement of the US customer's rights and remedies is always a vital concern, and those concerns can be exacerbated when dealing with an Indian service provider. This is particularly true if the provider has few or no meaningful assets in the United States against which a judgment could be executed.

If the Indian service provider has meaningful assets located in the United States, and if a US plaintiff successfully obtains a judgment in a court of competent jurisdiction, the judgment can be enforced against those US assets with relative ease. If a dispute with an Indian service provider is adjudicated in the United States, however, but the provider's primary assets are located in India rather than in the United States, the customer must seek redress within the Indian legal system to obtain and enforce a judgment against the provider's India-based assets.

Efforts to enforce a foreign judgment in India can be arduous, time-consuming, expensive and unpredictable. If an Indian provider has few meaningful US assets, then it may be advisable for the US customer to institute an initial claim against the provider in India, rather than in the United States. This may obviate the customer's need to re-litigate the claim in India as a means of enforcing a US judgment against the provider's Indian assets.

This approach may be especially true if the US plaintiff is seeking injunctive relief and if time is of the essence. Jurisdiction and enforcement provisions in the operative contract should be thoughtfully crafted to provide the US customer with adequate, flexible rights and remedies consistent with the nature of the business or knowledge process and the underlying customer IP being offshored to India.

The US customer should perform early due diligence to identify the physical location of the Indian service provider's assets. This initial effort will enable the customer to assess its potential ability to enforce rights and remedies with respect to an Indian service provider. It will help the customer determine the extent of the Indian provider's US presence and, correspondingly, to evaluate local provider assets that will be available for the satisfaction of judgments.

To further mitigate enforcement risks, the US customer should explore alternative measures, such as insurance, performance bonding, letters of credit or guarantees from the Indian service provider and its financially responsible affiliates. In addition, the customer should ensure that it retains flexible, rules-based termination rights.

To best mitigate the risk of an Indian service provider seeking refuge in an Indian court and being mired in prolonged litigation and subject to unfamiliar procedures, private arbitration is the preferred means of dispute resolution in an offshore sourcing transaction involving India.

Considering alternative dispute resolution mechanisms to maintain confidentiality

In India, litigation concerning breach of trade secret protection clauses can lead to open disclosure and consequential loss of the trade secrets at issue if the legal proceedings are not closed. For this and other reasons, the operative contract should require that all disputes relating to the US customer's trade secrets and confidential information be subject to confidential mediation or arbitration, rather than to litigation. The contract should also specify that these dispute-resolution measures will, if possible, be conducted in a non-Indian venue and that all IP and information involved in the proceeding will be treated confidentially. The relative ease of enforcing foreign and India-based arbitral awards in India provides an additional compelling reason for adopting arbitration as the formal dispute resolution mechanism in India.

Determining the appropriate offshore delivery model

A potential US customer may consider adopting a "captive" offshoring model involving offshoring through affiliated legal entities in India. Implementation of a captive model may be especially appropriate if the business would experience significant adverse impact and cost as a result of losing control over IP that would be transferred to, or created in, India.

It is not surprising that a high percentage of captive offshoring transactions in India are in IP-intensive sectors such as advanced software, high-tech electronics and pharmaceuticals. Establishing a captive in India will provide the US customer with more control over day-to-day operations and IP.

A customer must balance that benefit, however, against the increased capital outlays and expense inherent in captive models. In addition, a majority of the critical legal issues discussed in this article are as relevant to captives as they are to other outsourcing structures. The need to carefully evaluate and address these issues will be equally critical regardless of the offshore delivery model elected by the customer.


In summary, offshoring to India can not only yield significant cost savings and increased efficiencies but also leverage India's vast knowledge class to perform "high end" KPO services and functions. However, because of the potential risks to a customer's IP that may be transferred to or created in India, a US customer contemplating an offshoring project in India must carefully assess India's IP legal framework vis-ŕ-vis the business or knowledge process that will be offshored, and accordingly determine the necessary and available safeguards to protect its IP, including trade secrets and confidential information. These safeguards may include statutory and common law protections, but carefully crafted and robust contractual provisions combined with practical and enforceable mechanisms to minimize IP-related risk are mission critical and should be an integral component of any offshoring project in India.


This non-legal environment presents numerous challenges concerning trade secret protection and enforcement, and it can jeopardize a US customer's IP unless the customer carefully employs certain contractual mechanisms that are enforceable in India.

Subcontracting by the Indian service provider can dramatically increase the customer's IP risk profile.

Jurisdiction and enforcement provisions in the operative contract should be thoughtfully crafted to provide the US customer with adequate, flexible rights and remedies consistent with the nature of the business or knowledge process and the underlying customer IP being offshored to India.

Learn more about our Asia offices and Business & Technology Sourcing practice.

Copyright 2010. JSM, Mayer Brown International LLP and/or Mayer Brown LLP. All rights reserved. Mayer Brown is a global legal services organization comprising legal practices that are separate entities ("Mayer Brown Practices"). The Mayer Brown Practices are: JSM, a Hong Kong partnership, and its associated entities in Asia; Mayer Brown International LLP, a limited liability partnership incorporated in England and Wales; and Mayer Brown LLP, a limited liability partnership established in the United States. The Mayer Brown Practices are known as Mayer Brown JSM in Asia.

This article provides information and comments on legal issues and developments of interest. The foregoing is not a comprehensive treatment of the subject matter covered and is not intended to provide legal advice. Readers should seek specific legal advice before taking any action with respect to the matters discussed herein. Please also read the JSM legal publications Disclaimer.

To print this article, all you need is to be registered on

Click to Login as an existing user or Register so you can print this article.

In association with
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.


Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.


Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.


A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.


This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.


If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.


This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at and we will use commercially reasonable efforts to determine and correct the problem promptly.