Is Your Business Privacy-Ready?
5 quick questions to assess your data privacy compliance posture under Indian and global regulations.
Question 1 of 5
Does your business collect, store, or process personal data of individuals (customers, employees, or users)?
Personal data includes names, emails, phone numbers, addresses, payment info, health records, biometric data, or any information that can identify a person.
Question 2 of 5
Do you obtain clear, informed consent from individuals before collecting their personal data?
Under the DPDP Act 2023, consent must be free, specific, informed, and given through a clear affirmative action. Pre-ticked boxes or bundled consent do not count.
Question 3 of 5
Do you have a documented privacy policy that explains what data you collect, why, and how individuals can exercise their rights?
Both the DPDP Act and GDPR require a clear, standalone privacy notice — not buried in terms of service. It must be in plain language and easily accessible.
Question 4 of 5
Do you store or transfer personal data to servers or third parties located outside India?
Cloud services (AWS, Google Cloud, Azure), SaaS tools (Mailchimp, HubSpot, Slack), and international payment processors all involve cross-border data transfer. The DPDP Act restricts transfers to certain countries.
Question 5 of 5
Do you have a documented process for responding to data breaches within 72 hours and notifying affected individuals?
Under both the DPDP Act and GDPR, you must notify the Data Protection Board and affected individuals without undue delay. Not having a breach response plan is itself a compliance violation.
⚠️
Action NeededYour business likely has compliance gaps that need attention.
Based on your responses, there are areas where your organization may not be fully aligned with the DPDP Act 2023 or GDPR requirements. Non-compliance can result in penalties up to ₹250 crore under the DPDP Act. The good news: most gaps can be addressed with a structured compliance roadmap. Let us help you get there.
✓
Looking GoodYour business appears to have a solid compliance foundation.
You seem to be on the right track with your data privacy practices. However, regulations evolve constantly — the DPDP Rules 2025 introduce new requirements around consent managers, breach timelines, and data retention. Stay ahead of changes with periodic compliance reviews.
Still want to learn more? Reach out to us at letsconnect@resolveandevolve.in or WhatsApp us for a free consultation.
Get a Free Compliance Consultation
Our CIPP/E certified experts will review your situation and provide a personalized compliance roadmap.
Submit your details by emailing letsconnect@resolveandevolve.in or WhatsApp us directly.