This guide breaks down India’s Digital Personal Data Protection Act and what it means for global organisations handling personal data. It explains the shift to a consent-led, rights-based framework, outlines key obligations, and provides practical steps to prepare for phased enforcement through to 2027.
What’s in the guide
- Clear overview of the DPDP Act and its scope for Indian and global organisations
- Core principles including consent, transparency, data minimisation and accountability
- Practical compliance requirements for consent, rights handling and breach response
- Key timelines and phased implementation through to May 2027
- Guidance on cross-border transfers, retention and vendor management
- Step-by-step actions businesses should take now to prepare