One platform.
Every DPDP obligation.
Seven deeply-integrated modules sharing a common audit log, event bus, and multi-tenant data model.
Consent Management
Capture, store, and revoke granular consent across every channel. Public widget, AA flow, and server-side SDK.
- Purpose-based records
- AA-compliant flow
- Public widget + SDKs
- Hash-chained receipts
DSAR Workflows
End-to-end Data Principal request fulfilment with statutory deadline tracking and data-source discovery hints.
- Public intake portal
- Access / erasure / portability
- Auto-discovery hints
- SLA countdowns
Grievance Redressal
Public grievance portal per tenant with auto-routing, escalation paths, and Data Protection Board export.
- Public per-tenant slug
- Escalation timers
- DPB-ready export
- Resolution log
Notices & Templates
Multi-language notice library and template registry. Publish, version, and serve via the widget — never duplicate language again.
- Multi-language
- Version history
- Template registry
- Public publish URLs
DPIA
Score processing risk live as you build. Draft → review → approved workflow with mitigation tracking and recommendations.
- Live risk scoring
- Mitigation tracking
- Approval workflow
- Versioned history
Vendor & Processor Risk
Catalogue every third-party processor, store DPAs, monitor document expiry, and assign risk tiers.
- DPA storage
- Expiry alerts
- Risk tier scoring
- Sub-processor tracking
Incident Response
Triage breaches against statutory deadlines. CERT-In (6h) and Data Protection Board (72h) timers built into every record.
- CERT-In 6h timer
- DPB 72h timer
- Severity recommender
- Notification log
Cross-Border Transfers
Register every transfer recipient, jurisdiction, and safeguard. Stay ahead of MeitY's restricted-country list.
- Recipient register
- Jurisdiction tagging
- Safeguard evidence
- MeitY watchlist
Retention & Deletion
Per-purpose retention clocks with automated deletion jobs and proof-of-erasure receipts.
- Per-purpose clocks
- Auto-delete jobs
- Erasure receipts
- Legal-hold overrides
SDF Audit Pack
Significant Data Fiduciary readiness — DPO appointment, annual audit, and independent assessor evidence in one place.
- DPO record
- Annual audit log
- Assessor reports
- Evidence vault
Data Discovery & DSPM
Connect databases and warehouses. Regex-powered PII scanner detects Aadhaar, PAN, passport, voter ID with per-column sensitivity.
- Aadhaar / PAN / passport
- Per-column sensitivity
- Encrypted connections
- Latest-scan deltas
AI Compliance Assistant
Deterministic rule engine cross-references every module, flags gaps, and produces a 0–100 compliance score with an action plan.
- Cross-module rules
- Score with breakdown
- Action plan generator
- Auto-resolve stale findings
Regulatory Updates Feed
MeitY, CERT-In, and Data Protection Board notifications ingested daily, tagged by section, and routed to the right owner.
- Daily ingestion
- Section tagging
- Owner routing
- Subscription digest
The plumbing
your auditor asks about.
Multi-tenant core
Every record namespaced to a workspace. Row-level isolation enforced by the database, not the app layer.
Hash-chained audit log
Tamper-evident audit trail across every module. Every mutation links to its predecessor by SHA-256.
Public REST API + SDKs
Versioned /v1 API with API-key auth. JavaScript, React, Next.js, and Vue SDKs ship in the box.
Consent widget
Drop-in JavaScript widget for any website. Hosted /widget/consent.js — no build step required.
AA-compliant data sharing
Account Aggregator framework JWKS + signed consents endpoint. RBI-grade signing keys, rotation built in.
Industry templates
Pre-seeded notice, purpose, and consent templates for fintech, healthtech, edtech, and e-commerce.
Weekly digest
Email digest of new consents, breached SLAs, expiring DPAs, and regulatory updates. Per-role routing.
Webhooks + events
Outbound webhooks on every consent grant, revocation, DSAR, and incident — HMAC signed.