'Most Innovative Startup 2020' by RSA - Watch the videoLearn More
In December 2019, India, following several other countries' footsteps on the privacy laws' developments, introduced the Personal Data Protection Bill (PDPB) to regulate the processing, collection, and storage of personal data.
The PDPB seeks to effectively protect personal data and provide a comprehensive legal framework for processing personal data. It also includes data principals' rights (Data subjects’ rights) and lays down a mechanism for unauthorized and harmful personal data processing remedies and fines. The PDPB imposes obligations on all businesses operating in India to reassess their data processing practices, policies, and safeguards.
SECURITI.ai enables organizations to comply with India's PDPB regulations through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities, and AI-driven process automation.
SECURITI.ai supports enterprises in their journey toward compliance with the India PDPB regulation through automation, enhanced data visibility, and identity linking.
See how our comprehensive PrivacyOps platform helps you comply with various sections of the India PDPB.
Create customized web forms according to your brand image with the DSR request format and accept verified data principal rights requests. Automate the initiation of fulfillment workflows when verified requests are received.
PDPB Sections: 17, 21
Data principals need to be notified about their data privacy rights and organizations are required to simplify the initiation of verified DSR requests. The automation of the delivery and generation of secure data access reports will greatly reduce the risk of compliance violations and reduce the workforce required to comply with all the requests.
PDPB Section: 17
Disclosure of information to the data principals within a limited time frame of receiving a verifiable data request is a must for any organization looking to comply. This will be free of charge and delivered through a secure, centralized portal.
PDPB Section: 18(1)(a)(b)(c), 18(2)(3)(4)
With the help of automated data principal verification workflows across all appearances of a data principal’s personal data, you can seamlessly fulfill all data rectification requests.
PDPB Section: 18(1)(d),18(2)(3)(4)
Fulfill data principal’s’ erasure requests, swiftly, through automated and flexible workflows.
PDPB Sections: 23, 28, 29
Keep track of risks involved by continuously scanning and monitoring data against non-compliance to subject rights, security controls, or data residency.
Discover personal information stored across all your internal and external systems within the organization and link them back to unique data principal. Also, visualize personal data sprawl and identify compliance risks.
PDPB Sections: 11, 23(3)(4)
Automatically scan the web properties within your organization, categorizing tags, and cookies. Also, build customizable cookie banners, collect consent, and provide a preference center.
PDPB Sections: 11, 12, 23(3)(4)
Track consent revocation of data principals to prevent the transfer or processing of data without their consent. Seamlessly demonstrate consent compliance to regulators and data principals.
PDPB Sections: 7, 22, 23, 24, 26(2), 27, 29, 30, 32
With the help of our multi-regulation, collaborative, readiness, and DPIA system, you can gauge your organization's posture against PDPB requirements, identify the gaps, and address the risks. Seamlessly being able to expand assessment capabilities across your vendor ecosystem to maintain compliance against PDPB requirements.
PDPB Sections: 22(1), 23, 28(1), 27
Track data flows in your organizations, trace this data, catalog, transfer, and document business process flows internally and to service providers or third parties.
PDPB Sections: 7(1)(h), 24, 27, 26, 30, 31
Keep track of privacy and security readiness for all your service providers from a single interface. Collaborate instantly with vendors, automate data requests and deletions, and manage all vendor contracts and compliance documents.
PDPB Section: 25
Automates compliance actions and breach notifications to concerned stakeholders in relation to security incidents by leveraging a knowledge database on security incident diagnosis and response.
Right to Confirmation and Access: Data principals can access their personal data or obtain confirmation from the data fiduciary regarding their personal data whether it is being processed or not.
Right to Correction and Erasure: Data principals can seek correction of inaccurate, incomplete, update, or erasure of their personal data.
Right to Data Portability: In certain circumstances, where the processing has been carried out through automated means, the data principal may receive the personal data in a structured, commonly used and machine-readable format, and also have their personal data transferred from one fiduciary to another.
Right to be Forgotten: Data principals may restrict data fiduciaries to continuing disclosure of their personal data if the consent is withdrawn or it has served the purpose of data processing or collection
Notification Requirement: Data fiduciaries must notify data principals to collect or process their personal data with certain information described under Section 7 of the PDPB