GuideDPDP Act
DPDP Act readiness for technology businesses
A practical first-pass framework for product, legal and security teams deciding what to document and implement first.
Insights
DPDP Act guidance for decisions in motion.
Guides, regulatory updates and practical checklists for Indian product, legal, compliance and security teams.
ChecklistNotice and consent
Notice under Section 5 of the DPDP Act
What a Data Fiduciary should review before putting consent and notice experiences into production.
GuideHeightened duties
Children's data under Section 9 of the DPDP Act
Heightened duties for teams building products that may process a child's personal data.
GuideGovernance
Preparing for Significant Data Fiduciary duties
Section 10 readiness for organisations that may be notified as Significant Data Fiduciaries.
Regulatory updateIncident readiness
CERT-In directions and incident readiness
A concise operational view of incident reporting and log retention obligations relevant to security and privacy teams.
CommentaryLegal framework
Sensitive personal data: SPDI rules and the DPDP framework
How older SPDI terminology and the DPDP Act should be distinguished in current privacy assessments.
Start with context
Book a focused DPDP Act consultation.
Bring an upcoming launch, notice review, data mapping question, incident readiness issue or implementation deadline. We will help identify the right next step.