Self-serve portal. OTP-verified. 30-day SLA countdown enforced. Closure PDF auto-generated on resolution.
Without this: Rights requests arrive by email with no tracking, no SLA enforcement, and no closure proof. Each unresolved request beyond 30 days is a direct penalty trigger.
Access, Correction, Erasure, Nomination, and Grievance — all DPDPA-mandated right types covered.
6-digit OTP, 10-minute expiry, bcrypt-secured, 3 max attempts. Verifiable identity for every request.
Confirmation email sent to the user within 60 seconds of submission. Legally, this matters.
Live countdown on every request. Red/amber/green status. Auto-escalation when approaching deadline.
Immutable PDF generated on resolution. Includes full timeline, identity proof, response content, and closure reason.
Deploy as a standalone page at /rights/[your-slug] or embed as an iframe in your privacy policy page.
Portal, SLA enforcement, OTP verification, and closure PDFs available on all plans.
DPDPA grants four core rights: Right of Access (S.11) — know what data is held and how it is used; Right to Correction/Erasure (S.12) — correct inaccurate data or request deletion; Right to Grievance Redressal (S.13) — escalate unresolved complaints; Right of Nomination (S.14) — nominate someone to exercise rights on death or incapacity. All five request types (including Grievance) are available in the DPDPA Shield portal.
DPDPA requires Data Fiduciaries to respond within 30 days. DPDPA Shield enforces this with a live countdown on every request, amber alerts at Day 20 and Day 25, and a red critical alert at Day 28. If a response is not initiated by Day 29, the DPO is auto-notified by email. The SLA timer is always visible to your entire compliance team.
Each submission triggers a 6-digit OTP sent to the email address provided. The OTP expires in 10 minutes and allows 3 attempts. Only after successful OTP verification is the request accepted and forwarded to your DPO. This prevents fraudulent erasure requests and provides a verifiable identity trail for your audit records.
A closure PDF is an auto-generated document created when a request is resolved. It includes the original submission, identity verification record, every status change, all communications sent, and the final closure reason — timestamped and stored immutably in Cloudflare R2. If challenged by a regulator, this document is your complete evidence of compliance.
Your portal is live in under 15 minutes. Free trial, no credit card required.
Prove every consent. Court-admissible SHA-256 proof.
Learn moreNever miss the 72-hour Board notification window.
Learn moreReal-time 0–100 compliance health score.
Learn moreMap every asset, processor, and data flow. Auto-generate RoPA.
Learn moreTrack, score, and treat every DPDPA risk. Growth+.
Learn moreAutomated security scoring for every data processor. Growth+.
Learn moreAI-curated DPDPA updates. Never miss an enforcement signal.
Learn moreChildren's data, DPIA, SDF — highest-penalty coverage.
Learn more