DPDP Compliance,
Automated for India
The DPDP Act 2023 mandates consent management, data subject rights fulfilment, and breach notification for every organisation processing personal data of Indian residents. CognoShift automates the operational layer so your team doesn't have to.
What is the DPDP Act 2023?
Who it applies to
Any organisation — school, MSME, hospital, government office — that collects, stores, or processes personal data of Indian residents, regardless of where the organisation is located.
Key obligations
Obtain explicit consent before collecting data. Allow data principals to access, correct, and erase their data. Notify PDPB and affected individuals within 72 hours of a breach.
Penalties
Up to ₹250 Crore per violation for significant data breaches. Up to ₹200 Crore for failure to notify. Non-compliance risks reputational damage and operational disruption.
What CognoShift Automates
Already live in our platform — deployed with Sentinel in under 30 minutes.
Consent Collection & Audit Trail
Purpose-specific, timestamped consent with HMAC-signed records. Every grant and withdrawal is immutably logged.
Data Subject Rights Portal
Individuals can request access, correction, or erasure of their data. Requests are tracked and deadline-managed.
72-Hour Breach Notification
Automated breach detection triggers a notification workflow to the Data Protection Board and affected data principals.
180-Day Log Retention
All consent and processing logs retained for 180+ days (365-day default) with pg_cron-enforced TTL.
Privacy Notice Management
Structured privacy notice with version history, linked to each consent record at time of collection.
DPDP Compliance Score
Real-time readiness score across all DPDP obligations — visible in your portal dashboard.
Deploy DPDP Compliance in 30 Minutes
CognoShift Sentinel deploys silently via Active Directory and activates DPDP consent management, breach notification, and audit logging automatically — no IT team required.
Get Started →