Start here
DPDP is easier when the words are simple. A person gives data. A business decides why it needs the data. Vendors process it. Consent and notice explain the purpose. Rights and grievance handling give the person a way back. That is the core map.
What is a Data Fiduciary?
A Data Fiduciary is the person or business that decides why personal data is collected and how it will be used.
Vendor RoleWhat is a Data Processor?
A Data Processor is a vendor or tool that handles personal data on behalf of a Data Fiduciary.
The PersonWhat is a Data Principal?
A Data Principal is the person whose personal data is being collected, used, stored, shared, or deleted.
RightsWhat are Data Principal Rights?
Data Principal rights are the basic actions a person can take over their personal data: access, correct, delete, complain, and nominate.
ConsentWhat does Consent mean under DPDP?
Consent means the person understands the purpose and agrees to that use of their personal data.
NoticeWhat is a DPDP Notice?
A DPDP notice tells a person what data is being collected, why it is being collected, and how it will be used.
Complaint HandlingWhat is a DPDP Grievance Officer?
A DPDP grievance officer is the person or function that receives and manages privacy complaints and rights issues.
Higher-Risk EntityWhat is a Significant Data Fiduciary?
A Significant Data Fiduciary is a Data Fiduciary that may face extra duties because of the scale, sensitivity, or risk of its data processing.
Starter ChecklistSimple DPDP Checklist
A DPDP checklist is a practical way to see whether your business can explain and prove its personal data flows.
Vendor CheckSimple DPDP Vendor Checklist
A DPDP vendor checklist helps you decide whether a vendor or tool can safely handle personal data for your business.
Want to see where your business stands?
After the words make sense, the next step is to map one real data journey. Start with the free audit if you want a quick first read.