DPDP Roles, explained simply

India's Digital Personal Data Protection Act. Who is who.

‹ Sector wise readiness

Sector wise readiness, Day 7

AdTech and data brokers: can you prove where every record came from?

A question I would put to every AdTech, DMP and data broker founder reading DPDP checklists:

Can you prove where each row of your audience data came from, and that someone consented to this use?

For most of the industry, the honest answer is no. And under DPDP, that gap is the core exposure, not a paperwork detail.

A sector map is a superset, not a launch checklist. So start with what applies to everyone here, whatever your size.

What applies to everyone, whatever your size

What this sector lives and dies on

The line that catches people

Behavioural targeting of children is absolutely prohibited. No consent cures it. This is not a "get a parent to sign" situation. It is a hard stop.

What may not apply to you yet

The better question

The better question is not "does AdTech have a special regime?"

It is "can I trace every record back to a consent I can prove?"

Law creates obligations. Scale and risk influence implementation. But provenance is a day one discipline. The size of your data pool does not excuse it.

Tomorrow: gaming, and the 50 lakh user line that flips the rules.

Which part of the consent chain do you think breaks first? Drop it in the comments, or send me a message.

#DPDP #DataProtection #AdTech #MarTech #Privacy #DataBrokers

Be DPDP ready before the deadline

We are preparing more than a dozen ready to use templates, including the Privacy Notice, Consent Notice, Data Retention and Erasure Policy, Security Safeguards Policy, Breach Response Procedure, Children's Data Policy, and the Data Processing Agreement. Drop your email and we will notify you when the assessment and templates go live.