Is the Osano checkDPDP certification independent?

Yes — checkDPDP is editorially independent and does not sell badge placement.

How do I get my own site DPDP-Certified?

Apply at /apply-certification. The first round is free.

Certified by checkDPDP · DPDP Verified

Osano — DPDP Certification

Name: Osano — DPDP Verified
Item: Osano
Rating: 74
Author: checkDPDP

Independent DPDP Act 2023 + Rules 2025 certification for Osano, issued by checkDPDP and refreshed daily. checkDPDP certifies any Indian website — consent platforms, SaaS, BFSI, healthtech, edtech, D2C and more — that fulfils the DPDP audit. This is the official, publicly verifiable record.

Live certificate · Daily refreshIssuing authority: checkDPDP — independent DPDP Act 2023 + Rules 2025 verificationIssued 20 Jun 2026

Official certificate

Osano's DPDP Compliance Certificate

Issued and signed by checkDPDP — independently verified and live-refreshed daily.

checkDPDP

No. CDP-2026-OSANO-074

CERTIFICATE OF DPDP COMPLIANCE

This certificate is awarded to

Osano

for satisfying the independent checkDPDP audit against the Digital Personal Data Protection Act, 2023 and the DPDP Rules, 2025 — including Section 5 notice, Section 6 consent, Section 8 security safeguards, breach reporting, Data Principal rights, cross-border disclosures and children-data handling.

74/100

Awarded tier

DPDP VERIFIED

DPDP Act 2023 + Rules 2025 · checkDPDP

Osano

Austin, US

Privacy stack from a Public Benefit Corporation; transparent pricing.

Protection score: 74/100
Tier: DPDP Verified
Live DPDP scan: 45/100 · Needs Work
DPDP fit (1–5): 3
Security (1–5): 4
Ease (1–5): 5
Refreshed: 20 Jun 2026, 2:59 am
Source: Editorial seed

Visit Osano Get your own site certified

How this score is built

Composite = DPDP fit (45%) + Security (40%) + Ease (15%), each on a 1–5 scale. The live scan column re-runs the public-web DPDP audit on osano.com daily at 02:00 UTC. Read the full methodology.

Live badge

Osanocheckdpdp.in/verified/osano

Embed this badge on your site

The badge re-renders daily from this page, so it always reflects your current score — not a stale snapshot.

<a href="https://checkdpdp.in/verified/osano" target="_blank" rel="noopener"><img src="https://checkdpdp.in/api/badge/osano" alt="Osano — DPDP Verified by checkDPDP" width="240" height="80"/></a>

Direct SVG: https://checkdpdp.in/api/badge/osano

Protection

What this checkDPDP certification protects you from

The DPDP Act 2023 + Rules 2025 carry penalty bands up to ₹250 crore per instance. Holding an independent, live certification from checkDPDP is your documentary evidence of due diligence under Section 33(2) — exactly what the Data Protection Board weighs when deciding penalties.

₹250 cr security-failure band
We verify Section 8(5) safeguards — HTTPS, HSTS, CSP, secure cookies, modern TLS, MFA on admin paths. Closing these gaps removes the easiest path to the highest penalty band.
₹200 cr breach-notification band
We check that your breach workflow is documented, an owner is named, and a 72-hour Board-report path exists. Without this, a single breach can trigger automatic Schedule penalties.
₹50 cr consent-UX band
We audit Section 6 consent symmetry — granular categories, Accept ≡ Reject, withdraw-as-easy-as-grant. Cookie banners that fail this test are now an enforcement target.
Public trust + claim-washing
Anyone can write "DPDP-compliant" on their footer. Visitors who see the checkDPDP badge can click it and verify the live score on this page — no spoofing, no stale certificates.
SDF readiness for buyers
Enterprise procurement teams in BFSI, healthtech and edtech increasingly demand DPDP attestation in vendor onboarding. The badge satisfies that initial gate.
Daily-refreshed, never stale
Unlike paper certifications that go stale, your badge re-renders from a live daily score. If you regress, you see it. If you improve, your badge improves with you.

Improvement

How to lift your score and keep the badge live

Quick wins (within a week)

• Replace any "Accept-only" banner with a granular CMP (see consent managers).
• Block GA / Pixel / Hotjar until the user opts in to Analytics.
• Publish a Grievance Officer name + email in your footer (examples).
• Ship a Section 5 privacy notice that lists purposes, categories, retention and rights.
• Add HSTS and a Content-Security-Policy header.

Bigger work (next 30 days)

• Stand up a real Data Principal rights mechanism — access, correction, erasure, nomination.
• Document a Section 8(6) breach playbook with named owner + 72-hour report path.
• Run a vendor DPA review for every processor handling personal data.
• If you're an SDF candidate, appoint an India-resident DPO and schedule an annual DPIA.
• Set up retention schedules per data category and an erasure evidence trail.

Run a free /scan to see exactly which of these you're missing right now.

Trust

What this badge means

Live, not certificate-printed
The score embedded on Osano's site re-fetches from this page, so it reflects the current state — not a frozen audit.
Independently scored
checkDPDP is editorially independent. We don't sell badge placement — every vendor is scored on the same 3 axes.
Cross-checkable
Anyone who sees the badge on Osano's site can land on this page and verify the score in 5 seconds.

FAQ