1. What valid consent requires
- A clear affirmative action (no pre-ticked boxes).
- An itemised notice describing the data and purpose.
- A working, easy withdrawal path.
2. Design for withdrawal first
If withdrawal is harder than granting, you have a problem — and building it forces you to know where the data actually went.
3. Consent Managers
The DPDP framework allows a registered Consent Manager through which data principals give, review and withdraw consent.
How CyberSigma helps
We design your consent, notice and withdrawal flows and the records that prove valid consent — audit-ready for the DPDP Act.
This guide is educational and not legal advice. Requirements evolve — validate specifics against the current standard or regulation for your situation.
