DPDP Rules 2025 are now in effect. How ready is your business? Most Indian companies don't know yet.Find out in 10 minutes — free →
SaralPrivacy emblem
DPDP Rules, 2025 notified 14 November 2025 — use the phased rollout window now

Privacy made practicalfor Indian businesses

Understand whether DPDPA applies to you, how exposed your current practices are, and exactly what to do next — in plain English, no legal degree required.

Take Free AssessmentDownload White Paper
Free 10-minute readiness check
No legalese — plain English
Industry-specific guidance
Not legal advice — educational
Free
10-minute assessment
200+
Briefings published
4
Industries covered
50+
Resources available

DPDPA is India's framework for handling digital personal data, and the DPDP Rules, 2025 have now been notified. For Indian businesses, the real work is operational: fix your notices, consent flows, rights handling, retention logic, and vendor controls. SaralPrivacy helps you understand what matters, assess your risk, and prioritise the next 30 to 90 days.

Educational, not alarmist

We explain what DPDPA actually requires in language that founders and operations teams can act on — not fear-mongering.

Practical and actionable

Every briefing ends with a checklist. Every assessment ends with a roadmap. We focus on what to do, not just what the law says.

Built for Indian businesses

Not a GDPR guide repurposed for India. Every piece of content is written specifically for Indian business contexts and data practices.

Not legal advice

We are an intelligence and education platform. For formal legal opinions, engage a qualified data protection lawyer. We tell you what to prepare.

Industry-Specific Guidance

DPDPA affects different businessesin very different ways

A recruitment agency, a CA firm, a training institute, and a D2C brand all collect personal data — but their risks, obligations, and compliance paths are completely different.

Recruitment Agencies

  • CV databases & candidate data
  • Client profile sharing
  • Background check documents
  • Cross-border data flows

Find out whether your recruitment workflows create DPDPA exposure in 10 minutes.

Take AssessmentView Industry Guide →

CA Firms

  • PAN / Aadhaar / bank data
  • Client payroll records
  • Cloud drives & shared folders
  • Sensitive financial documents

Understand your DPDPA obligations for client records, payroll data, and firm operations.

Take AssessmentView Industry Guide →

Training Institutes

  • Student & parent data
  • Admissions & lead forms
  • Digital marketing consent
  • Placement data retention

Check whether your admissions, marketing, and student data workflows are DPDPA-ready.

Take AssessmentView Industry Guide →

D2C Brands

  • Email / SMS / WhatsApp marketing
  • Third-party analytics & pixels
  • Customer loyalty data
  • Retention of inactive customers

See whether your customer acquisition and retention stack creates DPDPA risk.

Take AssessmentView Industry Guide →
Daily Briefings

Stay ahead of DPDPA developments

Clear, actionable briefings on DPDPA updates, enforcement signals, and compliance guidance — written for business owners, not lawyers.

All briefings
LatestCompliance Guidance

5 steps. That's all you need to be ready.

Most small businesses are not ready. But 5 simple steps can change that.

18 Apr 20263 min read
Read briefing

Latest Updates

Compliance Guidance

Your 30-day plan to start following the law

17 Apr 20263 min
Compliance Guidance

Stop trying to fix everything at once

16 Apr 20263 min
Compliance Guidance

Where is your biggest data leak hiding?

15 Apr 20263 min
Compliance Guidance

Nobody owns it? Then nobody fixes it.

14 Apr 20263 min
Browse all briefings →
Free — takes 10 minutes

Find out exactly where you stand with DPDPA

Our industry-specific assessments score your business across four dimensions: applicability, maturity, risk, and urgency. You get a personalised result — not a generic report.

Low Complexity
Your practices are relatively DPDPA-aligned. Review quick wins.
Moderate Exposure
Specific gaps need structured attention over 2-3 months.
High-Priority Action
Significant gaps require immediate compliance programme.
Choose Your Assessment

Select your industry

Each assessment is tailored to the specific data risks and obligations of your sector.

Recruitment Agencies
8 questions · ~10 minutes
CA Firms
7 questions · ~10 minutes
Training Institutes
7 questions · ~10 minutes
D2C Brands
8 questions · ~10 minutes

No account required. Results are shown immediately after completion. You can optionally save your results by providing your email.

45-page practitioner guide · Free download

The complete DPDPA guidefor Indian businesses

A practitioner-grade white paper that covers everything your business needs to know about DPDPA — from applicability to enforcement — without the legalese.

  • What DPDPA is and who it applies to — in plain English
  • Obligations for Data Fiduciaries: consent, notice, security, breach
  • Sector-by-sector breakdown: recruitment, CA firms, training, D2C
  • Rights of individuals and how businesses must respond
  • Enforcement timeline and penalty structure
  • Your 30-day privacy readiness action plan
Download Free White Paper

Requires name, work email, and industry. Separate consent options for follow-up.

DPDPA: The Complete Guide for Indian Businesses
2026 Edition · 45 pages
01. Understanding DPDPA
02. Who It Applies To
03. Consent Framework
04. Sector Breakdown
05. Rights of Individuals
06. Enforcement & Penalties
07. 30-Day Action Plan

Download instantly · Free · DPDPA-compliant consent

Free Download

Frequently asked questions

Quick answers to the questions Indian business owners ask most about DPDPA.

The Digital Personal Data Protection Act, 2023 is India's first comprehensive data protection legislation. It governs how personal data of Indian citizens can be collected, stored, processed, and used by businesses and organisations. The Act was passed by Parliament in August 2023. The DPDP Rules, 2025 have been notified, with phased commencement, making this implementation time for businesses. It establishes rights for individuals over their personal data and obligations for businesses that process that data.

Browse all 15 FAQs

DPDPA briefings, delivered to your inbox

Get practical DPDPA updates, compliance tips, and regulatory developments delivered weekly (or daily). Written for business owners, not lawyers.

Consent

Your data is processed as described in our Privacy Notice. We do not pre-check consent boxes. You must opt in actively.

Free 30-minute consultation

Not sure where to start?We can help you figure it out.

Our advisory team works with Indian businesses across recruitment, accounting, training, and D2C. Tell us where you are and we'll tell you what to prioritise.

30-minute discovery call — free, no obligation
Written summary of next steps after the call
Available via phone, video, or WhatsApp
Request Consultation

What the consultation covers

Whether and how DPDPA applies to your specific business model
Your highest-risk privacy gaps based on current practices
Practical quick wins you can implement immediately
A prioritised roadmap for the next 90 days
Resource and cost estimates for your readiness programme

We handle your contact information in accordance with our Privacy Notice. You will receive confirmation within one business day.