A registered entity that manages consent on behalf of Data Principals, acting as their authorised intermediary.
A Consent Manager is an entity registered with the Data Protection Board that acts as a single point of consent management for Data Principals. The Consent Manager enables individuals to give, manage, review, and withdraw consent through a unified interface across multiple Data Fiduciaries. Under Rule 4, Consent Managers must be registered, maintain detailed logs, and are accountable to both Data Principals and the Board. They do not process data themselves — they facilitate consent lifecycle management.
Consent Managers are a new institutional category under DPDPA. If one becomes operational in your sector, Data Principals may route consent through them rather than directly, requiring your systems to integrate with Consent Manager APIs.
A registered Consent Manager allows a Delhi resident to view all platforms they have consented to, withdraw consent from multiple services simultaneously, and grant granular purpose-level consent to new services — all from a single dashboard.
A Consent Manager is NOT a CMP (Consent Management Platform) like DPDPA Shield. It is a Board-registered intermediary entity acting on behalf of Data Principals. No Consent Managers are registered yet as of 2026.