ChecklistNotice and consent
Consent records under the DPDP Act
A practical guide to building consent records under the DPDP Act for product, legal, marketing and compliance teams in India.
Insights
DPDP Act guidance for decisions in motion.
Guides, regulatory updates and practical checklists for Indian product, legal, compliance and security teams.
ChecklistNotice and consent
Legitimate uses under the DPDP Act for business teams
A practical guide for Indian business teams deciding when a DPDP Act legitimate use may apply and how to record the decision responsibly.
ChecklistNotice and consent
Consent withdrawal workflow under the DPDP Act
A practical checklist for Indian teams designing consent withdrawal workflows, records, ownership and follow-up actions under the DPDP Act.
ChecklistNotice and consent
Consent journey design under the DPDP Act
A practical guide to designing DPDP consent journeys for Indian apps, websites and digital products with records and withdrawal paths.
ChecklistNotice and consent
Notice under the DPDP Act for digital products
A practical checklist for DPDP notices in Indian digital products, apps, onboarding flows, dashboards and user journeys.
GuideDPDP Act
DPDP implementation mistakes Indian companies should avoid
A practical guide to common DPDP implementation mistakes Indian companies should avoid across data, vendors, notices and evidence.
GuideDPDP Act
DPDP readiness after a product or vendor change
A practical guide to refreshing DPDP readiness after product, vendor, analytics, support or internal workflow changes.
GuideDPDP Act
DPDP Act operating model for legal and security teams
A practical DPDP operating model for legal, security, product and business teams that need owners, records and escalation paths.
GuideDPDP Act
DPDP compliance evidence records for Indian businesses
A practical guide to DPDP compliance evidence records for Indian businesses building privacy governance and audit readiness.
GuideDPDP Act
DPDP Act readiness for startups preparing for funding
A practical DPDP readiness guide for Indian startups preparing for investor diligence, enterprise sales or funding rounds.
GuideDPDP Act
DPDP implementation plan for multi-entity groups
A practical DPDP implementation plan for Indian groups operating across entities, brands, products, systems and vendors.
GuideDPDP Act
DPDP Act documentation pack for internal teams
A practical DPDP documentation pack for Indian teams that need implementation records, owners, workflows and governance evidence.
GuideDPDP Act
DPDP readiness checklist before launching a new product
A practical pre-launch DPDP checklist for Indian product, legal, security and growth teams before a new product goes live.
GuideDPDP Act
Personal data inventory under the DPDP Act
A practical guide to building a personal data inventory for DPDP implementation across products, teams, vendors and records.
GuideDPDP Act
Purpose mapping for DPDP Act implementation
A source-led guide to purpose mapping under the DPDP Act for Indian teams designing notices, controls and evidence records.
GuideDPDP Act
DPDP compliance gap assessment for growing companies
A practical DPDP gap assessment guide for growing Indian companies balancing product speed, vendors, governance and evidence.
GuideDPDP Act
DPDP Act implementation roadmap for Indian businesses
A practical roadmap for Indian businesses turning DPDP Act obligations into owners, workflows, records and implementation controls.
GuideDPDP Act
DPDP applicability assessment for Indian organisations
How Indian organisations should test whether a workflow falls within the DPDP Act and document the resulting controls.
GuideDPDP Act
Data fiduciary obligations under the DPDP Act
A practical guide to converting Data Fiduciary duties under the DPDP Act into operating controls and evidence records.
GuideDPDP Act
DPDP Act readiness for technology businesses
A practical first-pass framework for product, legal and security teams deciding what to document and implement first.
ChecklistNotice and consent
Notice under Section 5 of the DPDP Act
What a Data Fiduciary should review before putting consent and notice experiences into production.
GuideHeightened duties
Children's data under Section 9 of the DPDP Act
Heightened duties for teams building products that may process a child's personal data.
GuideGovernance
Preparing for Significant Data Fiduciary duties
Section 10 readiness for organisations that may be notified as Significant Data Fiduciaries.
Regulatory updateIncident readiness
CERT-In directions and incident readiness
A concise operational view of incident reporting and log retention obligations relevant to security and privacy teams.
CommentaryLegal framework
Sensitive personal data: SPDI rules and the DPDP framework
How older SPDI terminology and the DPDP Act should be distinguished in current privacy assessments.
Start with context
Book a focused DPDP Act consultation.
Bring an upcoming launch, notice review, data mapping question, incident readiness issue or implementation deadline. We will help identify the right next step.