DPDP Act Enforcement Nears, Businesses Lag Behind
With enforcement of India's Digital Personal Data Protection Act expected by May 2027, the majority of businesses remain unprepared, despite penalties of up to ₹250 crore per violation. The Act, passed in August 2023, mandates explicit consent, appointment of Data Fiduciaries, and demonstrable compliance.
ComplyDP Offers Automated Compliance Solution
Bengaluru-based startup ComplyDP has developed an AI-native platform that automates the end-to-end compliance process. Founded by Sanket Sharma, a former Supreme Court advocate, and Vipul Abhishek, an AI engineer, the platform scans digital properties, maps data flows, identifies gaps, and generates action plans in a fraction of the time of manual audits.
Backed by NVIDIA and Google Cloud
ComplyDP is supported by NVIDIA Inception, Google Cloud for Startups, T-Hub, and the Department of Science and Technology. It currently serves D2C, BFSI, and enterprise tech sectors, with larger organizations in evaluation.
"Having argued data privacy matters at the Supreme Court, I have seen firsthand how organizations underestimate regulatory risk until it becomes a crisis," said Sanket Sharma, Co-Founder and CEO of ComplyDP. "The DPDP Act is India's GDPR moment. The difference is that businesses here have a narrower window to act, and far less institutional infrastructure to help them do it. We built ComplyDP to close that gap."
Continuous Compliance Monitoring Needed
Compliance is not a one-time exercise; as businesses evolve, their data landscape changes. ComplyDP offers continuous monitoring rather than static audits. A free DPDP compliance report is available at complydp.com/report, covering website data practices, cookie usage, and consent flows.
With enforcement timelines tightening, the question for businesses is how quickly they can achieve compliance.
