When you visit many global websites, you will instantly be prompted to accept or reject cookies. That’s for you to tell the company whether you are ok with them...
March 11, 2026
Read
Author: privu
Privacy by Design and Data Protection Best Practices Under India’s DPDP Act
India's Digital Personal Data Protection Act covers over 900 million internet users. Non-compliance penalties reach ₹250 crore. And yet, most businesses...
March 5, 2026
Read
The Consent Audit — The First Thing Every Business Needs to Do
If you run a business that collects personal data — and in 2025, almost every business does — the most important first step toward DPDPA compliance is ....
March 5, 2026
Read
Data Breaches — What the Notification Obligation Means at Scale
Data breaches in India have historically been underreported. There was no law mandating disclosure, no standard for what constituted a notifiable ....
March 5, 2026
Read
E-Commerce and Retail — When Personalisation Meets Purpose Limitation
India's e-commerce sector has been built, in large part, on the intelligence that comes from data. The ability to show you a product you didn't know ....
March 5, 2026
Read
Fintech and Banking — When Data Minimisation Meets KYC
Indian fintech sits at an unusual intersection under the DPDPA. On one side, financial regulators — the RBI, SEBI, IRDAI — mandate extensive data ....
March 5, 2026
Read
EdTech and Children’s Data — The Parental Consent Challenge
This is not about India’s Edtech industry. Not exactly. India has one of the largest student populations in the world ....
March 5, 2026
Read
DPDPA and Healthcare — Patient Data, Consent, and the Stakes of Getting It Wrong
Of all the sectors that the DPDPA will reshape, healthcare may carry the highest stakes. A person's health data is among the most sensitive ....
March 5, 2026
Read
Why India Needed a Data Protection Law — and Why Now
Think about the last time you signed up for a new app. You tapped "I Agree" without reading a word, and moved on. That data — your name, phone number, ....
November 18, 2024
Read
The Three Characters of DPDPA — Principal, Fiduciary, Processor
Every good story has clearly defined characters, and the DPDPA is no different. The entire law is built around three roles, and understanding them is ....
November 15, 2024
Read
Consent Under DPDPA — What “Informed” Actually Means
We have all become expert consent-givers without ever actually consenting to anything. Every app installation, every new website, every loyalty ....
November 10, 2024
Read
The Core Principles — Purpose, Minimisation, and Retention
Imagine hiring a chartered accountant to file your tax returns. You give them access to your income statements, bank records, and investment ....
November 5, 2024
Read
Rights of the Data Principal — What You Can Actually Ask For
Most Indians are familiar with the RTI — the Right to Information Act — which gave citizens the ability to formally ask government bodies what ....
November 1, 2024
Read
The Digital Nominee — A New Concept India Just Introduced
When someone passes away in India, there are well-established processes for what happens to their physical and financial assets — a will, a nominee on ....
October 28, 2024
Read