The DPDP Knowledge Hub

R

Updated At May 16, 2026 10 min read

RBI vs DPDP: Erasure When KYC Retention Still Applies

How Indian banks, NBFCs, and fintechs can honour DPDP erasure rights without breaching RBI KYC and PMLA retention rules, using a practical data-governance and architecture model.

SP

Sumeshwar Pandey

Updated At May 16, 2026

C

Updated At May 16, 2026 12 min read

Checkout UX for High-Consent Completion Rates

Procurement-focused guide to sourcing DPDP-aligned checkout and consent solutions that grow first-party data while keeping consent, logging, and vendor risk under control.

SP

Sumeshwar Pandey

Updated At May 16, 2026

R

Updated At May 16, 2026 12 min read

Re-Engagement Campaigns after Consent Withdrawal: What Is Still Allowed?

For Indian retail and D2C procurement teams: what communications stay lawful after DPDP consent withdrawal, and how to evaluate consent and marketing tech vendors for DPDP-safe re-engagement.

SP

Sumeshwar Pandey

Updated At May 16, 2026

W

Updated At May 16, 2026

WhatsApp Marketing under DPDP Rules 2025

A procurement-focused guide to sourcing and designing WhatsApp marketing, consent, and data platforms so Indian retail and D2C brands can grow first-party data without breaching DPDP Act 2023 and DPDP Rules 2025.

SP

Sumeshwar Pandey

Updated At May 16, 2026

H

Updated At May 16, 2026

Handling Legacy Data Collected Before DPDP

For Indian CXOs: how the DPDP Act and Rules treat personal data collected before commencement, and how to run a 12–18 month legacy data remediation programme.

SP

Sumeshwar Pandey

Updated At May 16, 2026

T

Updated At May 16, 2026

The 72-Hour Breach Clock: Incident Response Plan for DPDP

How Indian leadership teams can turn DPDP’s 72-hour breach reporting rule and CERT-In’s six-hour clock into a reliable incident response operating model by May 2027.

SP

Sumeshwar Pandey

Updated At May 16, 2026

S

Updated At Apr 18, 2026 16 min read

Significant Data Fiduciary (SDF) Status: Checklist for Fast-Growing Companies

A business-style piece for decision-makers that explains significant data fiduciary (sdf) status— checklist for fast-growing companies and turns policy

SP

Sumeshwar Pandey

Updated At Apr 18, 2026

P

Updated At Apr 18, 2026 18 min read

Purpose Limitation in Practice: How to Stop Teams from Reusing Data

A business-style piece for business buyers that explains purpose limitation in practice— how to stop teams from reusing data and turns policy requirements into

SP

Sumeshwar Pandey

Updated At Apr 18, 2026

C

Updated At Apr 18, 2026

Consent Fatigue: Why Good UX Matters for Compliance

For Indian procurement and compliance teams: how consent fatigue in web and mobile UX affects DPDP and global privacy compliance, and what to demand from vendors.

SP

Sumeshwar Pandey

Updated At Apr 18, 2026

T

Updated At Apr 18, 2026 18 min read

The DPO Handbook for Indian Companies

A business-style piece for decision-makers that explains the dpo handbook for indian companies and turns policy requirements into an operating plan for

SP

Sumeshwar Pandey

Updated At Apr 18, 2026

C

Updated At Apr 18, 2026 20 min read

Cross-Functional Privacy Governance: Legal, Product, Security, Marketing

A business-style piece for decision-makers that explains cross-functional privacy governance— legal, product, security, marketing and turns policy requirements

SP

Sumeshwar Pandey

Updated At Apr 18, 2026

H

Updated At Apr 18, 2026 14 min read

How to Run a DPDP Readiness Assessment in 30 Days

A business-style piece for business buyers that explains how to run a dpdp readiness assessment in 30 days and turns policy requirements into an operating plan

SP

Sumeshwar Pandey

Updated At Apr 18, 2026