INDIA · DPDP ACT 2023
Everything you need to meet the DPDP Act 2023 — Privacy Center, DSR inbox, consent records, breach workflow, and audit proof.
No credit card required. Privacy Center live in 15 minutes.
SECTION 33 PENALTY SCHEDULE
The Data Protection Board can impose penalties per violation — not per company per year.
| Violation | Section | Max penalty |
|---|---|---|
| Failure to take reasonable security safeguards | Section 8(1) | ₹250 Crore |
| Failure to notify DPBI of data breach | Section 8(6) | ₹200 Crore |
| Non-fulfillment of obligations for children's data | Section 9 | ₹200 Crore |
| Non-fulfillment of Significant Data Fiduciary obligations | Section 10 | ₹150 Crore |
| Breach of any other provision of the Act | Section 33 | ₹50 Crore |
| Breach of voluntary undertaking to the Board | Section 33 | ₹50 Crore |
| Maximum aggregate per entity | Section 33(2) | ₹500 Crore (~$60M) |
YOUR OBLIGATIONS
Section 13
Appoint and publish a named officer. Every data principal has the right to raise a grievance. 30-day resolution window.
Sections 6–7
Granular, purpose-specific consent. Must be withdrawable at any time, with records maintained.
Section 5
Clear notice before data collection, in plain language, stating purpose and rights.
Sections 11–13
Right to access, correct, and erase personal data. Respond within 30 days.
Section 8
Notify the Data Protection Board and affected persons. Mandatory for significant data fiduciaries.
Accountability
Know what personal data you hold, why, and for how long. Required for RoPA and DPIA.
HOW CONDUIT COVERS EACH OBLIGATION
| DPDP Obligation | How Privacy Conduit covers it |
|---|---|
| Grievance Officer | Grievance workflow with SLA enforcement and Section 13 case tagging. |
| Consent records | Consent records module: granted, withdrawn, expired, purpose-tagged. |
| Privacy notice | Privacy Center with jurisdiction-specific notice and right descriptions. |
| Data principal rights | DSR inbox with 30-day SLA clock and automatic overdue escalation. |
| Breach response | Breach workflow with DPBI notification template and 72-hour countdown. |
| Data inventory | Data inventory, RoPA export, and DPIA generator in one workspace. |
GET STARTED
Privacy Center live in 15 minutes. Full DPDP compliance toolkit included.