Guides
In-depth compliance guides for privacy professionals. Practical, actionable, and regulation-specific.
DPDP Act Compliance Guide
A comprehensive guide for Indian businesses to achieve and maintain compliance with the Digital Personal Data Protection Act 2023 — covering consent, DSR workflows, breach response, and Significant Data Fiduciary obligations.
GDPR Compliance Playbook
The definitive GDPR playbook for compliance teams — from establishing lawful bases and managing data subject rights to maintaining your Article 30 RoPA and surviving a regulator audit.
CCPA/CPRA Compliance Guide
Everything California businesses (and those serving California residents) need to know about the CCPA and CPRA — from consumer rights to opt-out mechanisms and annual risk assessments.
Privacy Operations Handbook
Build and scale a privacy operations function from scratch. Covers team structures, tooling, KPIs, escalation paths, and how to operationalise privacy across engineering, product, and marketing.
Data Mapping & RoPA Guide
Step-by-step guidance on building and maintaining a Record of Processing Activities that satisfies GDPR Article 30, DPDP Act requirements, and regulatory audit expectations.
Consent Management Best Practices
Design consent flows that are genuinely free, specific, and informed — and build the infrastructure to capture, store, version, and withdraw consent at scale across all channels.
AI Governance Framework
A practical framework for governing AI systems under the EU AI Act, GDPR, and emerging global AI regulations — including risk classification, DPIA requirements, and human oversight controls.
Breach Notification Playbook
A step-by-step incident response playbook covering breach detection, risk assessment, regulatory notification timelines (GDPR 72-hour, DPDP Act, PDPA 3-day), and affected individual communication.
Vendor Risk Assessment Guide
Assess, monitor, and manage privacy risks from third-party processors. Covers vendor questionnaires, DPA execution, sub-processor management, and ongoing monitoring programs.
Privacy Program Maturity Model
Benchmark your organisation's privacy program against a five-level maturity model — from ad hoc compliance to automated, proactive privacy management — with a clear roadmap to advance.
Shadow IT Discovery Guide
Personal data hiding in unauthorised SaaS tools is one of the biggest compliance risks organisations face. Learn how to discover shadow IT, assess risk, and bring it into your governance program.
GDPR for SaaS Companies
GDPR compliance for SaaS businesses is different from enterprises. This guide focuses on sub-processor management, DPA templates, privacy-by-default product features, and handling enterprise customer audits.
India DPDP for Startups
A practical, startup-friendly guide to India's DPDP Act — focused on what you need to do now, what you can defer, and how to build a compliance foundation without a dedicated privacy team.
Need a custom compliance assessment?
Our privacy experts can conduct a bespoke gap analysis and build a roadmap for your organisation.