Free, no signup required

Free DPDP Readiness Assessment
for Indian Businesses

Find out where your organisation stands on DPDP Act compliance. This free readiness test (or self-check) walks you through 15 questions and gives you an instant readiness score, gap analysis, and a prioritised DPDP compliance checklist.

Not sure if DPDP applies to you? Check first

Takes about 3 minutes

What This Assessment Covers

Data Visibility

Can you locate, classify, and map all personal data across your systems?

Sections 8(3), 11

Consent & Legal Basis

Do you collect, record, and honour consent as the Act requires?

Sections 4, 5, 6, 7

Security Safeguards

Are reasonable technical safeguards protecting personal data?

Section 8(5)

Retention & Deletion

Can you erase data when the purpose is fulfilled or consent is withdrawn?

Sections 8(7), 12

Incident Response & Governance

Do you have the people, processes, and plans for breach response and accountability?

Sections 8(6), 10, 13

DPDP Act 2023 Aligned

Every question maps to specific DPDP Act sections. Scored by compliance weight.

How It Works

Take the Assessment

Answer 15 questions about your data practices, consent, security, and governance.

Get Your Score

See your overall readiness score and category breakdown instantly. No email required.

See Your Roadmap

Get prioritised action items with DPDP Act references and a downloadable PDF report.

Frequently Asked Questions About DPDP Compliance

What is the DPDP Act 2023?+
The Digital Personal Data Protection Act, 2023 is India's comprehensive data privacy law. It governs how organisations collect, process, store, and delete personal data of individuals in India. The Act establishes rights for data principals (individuals) and obligations for data fiduciaries (organisations).
Who needs to comply with the DPDP Act?+
Every organisation that processes digital personal data within India, or processes data of individuals in India for offering goods or services. There is no size threshold — startups, SMEs, and large enterprises all must comply with baseline obligations.
What are the DPDP compliance deadlines?+
The DPDP Rules were notified on November 14, 2025, with a three-phase rollout. Consent manager provisions take effect November 14, 2026. Full substantive compliance — including consent, breach notification, data principal rights, and erasure — is required by May 14, 2027.
What penalties does the DPDP Act impose?+
Penalties range up to Rs 250 crore per breach. Failure to implement reasonable security safeguards carries the maximum penalty of Rs 250 crore. Failure to notify breaches: Rs 200 crore. Children's data violations: Rs 200 crore. These are per-breach, not annual caps.
What is a Data Fiduciary under the DPDP Act?+
A Data Fiduciary is any person or organisation that determines the purpose and means of processing personal data — essentially, any company that decides why and how personal data is collected and used. If your organisation collects customer, employee, or user data, you are a Data Fiduciary.
How long does DPDP compliance take?+
Most organisations need 9-12 months for full implementation, depending on their current maturity. This includes data mapping, consent infrastructure, deletion capabilities, breach response procedures, and vendor contract updates. Starting sooner reduces risk and cost.
Is this assessment free?+
Yes, completely free. You can complete the assessment and see your readiness score, category breakdown, and top recommendations without providing any personal information. An optional email capture lets you download a detailed PDF report.
What happens to my assessment data?+
Your answers are used solely to calculate your readiness score on this page. If you provide your email for the PDF report, we store your email and scores to deliver the report. We do not share your data with third parties or use it for purposes beyond delivering your assessment results.
Is this a DPDP readiness test, a readiness check, or a full assessment?+
They are the same thing. This free DPDP readiness assessment, sometimes called a readiness test, readiness check, or self-assessment, uses 15 weighted questions to gauge how prepared your organisation is for the DPDP Act 2023. You get an instant score and a gap breakdown without signing up.
What is on a DPDP readiness checklist?+
A practical DPDP compliance checklist covers consent and notice, a Record of Processing Activities (RoPA), data principal rights and grievance handling, breach detection and notification, security safeguards, data retention and erasure, children's data, and vendor and processor contracts. This assessment scores you against each area and turns the gaps into a prioritised checklist.
What are the main DPDP compliance requirements?+
Core DPDP requirements include obtaining valid consent with a clear notice, processing data only for the stated purpose, honouring data principal rights such as access, correction, erasure, and grievance redressal, notifying the Data Protection Board and affected individuals of breaches, implementing reasonable security safeguards, and deleting data once its purpose is served. Significant Data Fiduciaries have extra duties such as appointing a DPO and undergoing annual audits.

Start Building Your DPDP Compliance Programme

Vratex is India's GRC platform built for DPDP Act and ISO 27001 compliance. Risk register, audit checklists, AI gap analysis, all in one place.

Learn more about Vratex