DPDP
DPDP overview
How Erasure helps teams operationalize DPDP-shaped privacy work — not legal advice.
DPDP overview
India’s Digital Personal Data Protection (DPDP) Act is a primary reason teams evaluate Erasure.
This section maps common operational needs to what Erasure does today. It is not legal advice and not a certificate of compliance.
What teams typically need to operationalize
| Need (simplified) | Without infrastructure | With Erasure |
|---|---|---|
| Tell people what you collect and why | Ad-hoc banner, no version history | Publish a notice with purposes; freeze versions |
| Prove what someone agreed to | No durable record | Receipts tied to a consent version |
| Honour erasure requests | Email → manual SQL | Rights cases, jobs, multi-system run |
| Know where personal data lives | Tribal knowledge | Systems + Data Maps |
| Show what happened | Scattered logs | Evidence packages you can export |
The operating loop
Workflow · DPDP-shaped operations in Erasure
- Notice & consent — publish config; collect choices with receipts
- Map — connect systems; define where subject data lives
- Fulfil rights — verify, start deletion jobs, record outcomes
- Evidence — export packages for internal review
Pages in this section
| Page | Focus |
|---|---|
| Consent | Collecting and proving consent |
| Notice | Versioned notices subjects see |
| Withdrawal | Preference changes as new receipts |
| Deletion requests | Rights lifecycle honesty |
| Evidence | Exportable packages |
| Operational checklist | Practical readiness — not certification |
What Erasure is not (for DPDP buyers)
- Not automated policy drafting
- Not a full GRC / DPO suite
- Not “instant total compliance”
- Not proof about systems you never connected
What to do next
Start with Consent, or if you are new to the product, Getting Started.