Blog & updates
DPDP, in plain English.
News, deadline reminders and guides for Indian website owners working through the DPDP Act.
Showing 1–6 of 17
Page 1 of 3
- Guide
Secure your website in 7 days — a day-by-day DPDP sprint plan
If you have one week, here is the exact order of operations that takes an Indian SMB website from 'open exposure' to 'defensible' under the DPDP Act. One job per day, each shippable by a single owner.
Read article
- Guide
Correct your website fast — five mistakes that fail every DPDP scan
We scan hundreds of Indian sites a week and the same five mistakes show up almost every time. None of them takes more than an afternoon to fix — but together they account for around 70 % of the Fail flags on a typical first scan.
Read article
- Guide
Apply the DPDP Rules 2025 to a Shopify store — exact app stack and settings
Indian D2C runs on Shopify, and Shopify is opinionated about cookies, checkout PII and analytics in ways that quietly fail DPDP. Here is the exact app stack, checkout config and theme edits that get a Shopify storefront to a defensible posture.
Read article
- Guide
Secure your website in a weekend — the DPDP fast-track for Indian SMBs
You don't need a six-month privacy programme to be DPDP-defensible. Here's a Friday-evening-to-Sunday-night sprint that closes the four gaps every Indian SMB website has, with copy-paste snippets and the free tools to ship it.
Read article
- Guide
12 cookie-control mistakes Indian websites make — and the one-hour fix for each
We've scanned thousands of Indian websites. The same twelve cookie-control mistakes show up over and over — most of them attractive to enforcement because they're visible from the public web. Here's each one, why it's risky under DPDP, and the under-60-minute fix.
Read article
- Guide
Apply the DPDP Rules 2025 to a WordPress site — step by step
WordPress runs around a third of Indian SMB websites. Most of them are not DPDP-ready out of the box — the default plugins, themes and form builders all leak cookies and PII. Here is the exact plugin stack and configuration that gets a typical Indian WP site to a defensible posture.
Read article
Coming soon
In the pipeline
These are being written. They'll appear here as soon as they ship.
- Coming soon
How to Add a Grievance Officer to Your Website Under DPDP Act 2023
Step-by-step guide to appointing and publishing a Grievance Officer on your Indian website to comply with DPDP Act 2023 Section 8(10).
- Coming soon
DPDP Consent Banner Requirements: What Exactly Does Your Website Need?
What the DPDP Act 2023 requires in a cookie consent banner — granular categories, equal-prominence reject, and no dark patterns. With examples.
- Coming soon
What Is a Data Fiduciary Under India's DPDP Act — And Are You One?
If your website collects any personal data from Indian users, you are likely a Data Fiduciary. Here is what that means and what you must do.
- Coming soon
DPDP Rules 2025 Explained: 7 Key Changes for Indian Websites
MeitY notified the DPDP Rules on 13-14 November 2025. Here are the 7 most important changes Indian website owners need to know before May 2027.
- Coming soon
DPDP vs GDPR: What Indian Startups Actually Need to Know
Comparing India's DPDP Act 2023 with Europe's GDPR — similarities, key differences, and what it means if your startup serves both Indian and EU users.
- Coming soon
How Much Could a DPDP Violation Cost Your Indian Business?
A practical guide to DPDP Act 2023 penalty exposure — which bands apply, how the Data Protection Board calculates fines, and how to reduce your risk.