6 mistakes that lenders make in KFS & loan agreement
Register
Close Icon
Home
>
Blog
>
Consent Manager

What is a Consent Manager under the DPDP Act

October 14, 2024
Anahad Narain - Founder's Office at Leegality

Anahad Narain

Founder's Office

What is a Consent Manager?

Summary

  • The DPDP Act mandates strict compliance for managing personal data, with penalties up to ₹250 Crore for violations, making consent management essential for businesses.
  • The DPDP Act enforces a robust framework for data protection, with a strong focus on user consent as the primary ground for processing personal data.
  • Consent must be freely given, specific, informed, unambiguous, and verifiable, ensuring that individuals fully understand how their data is used.
  • A Consent Manager helps businesses gather consent across channels, securely store records, and manage consent changes, ensuring compliance with the DPDP Act.
  • ‍Compliance with the DPDP Act requires businesses to maintain transparent records of all consent interactions, including timestamps and purpose, for audits and regulatory reviews.
  • Beyond managing consent, a Consent Manager supports data principal rights such as access, correction, erasure, grievance redressal, and nomination of representatives.
  • Managing third-party vendors becomes crucial, as businesses must ensure data shared with partners is deleted or corrected across all platforms when requested by users.
  • The DPDP Act also emphasizes compliant data retention, limiting how long personal data can be stored, which requires a systematic approach to deletion across internal and external systems.
  • Consent Artifacts, mentioned in the DPDP Act, enable secure, machine-readable consents, providing transparency and traceability in data sharing between businesses and service providers.

What is a Consent Manager?

Under the DPDP Act, a Consent Manager is a registered entity that acts as a single point of contact for users to give, manage, review, and withdraw their consent through an accessible and transparent platform.

What is a Consent Manager under the DPDP Act? - illustration

What constitutes valid consent under the DPDP Act?

Valid consent must be free, specific, informed, unconditional, and unambiguous with a clear affirmative action. Using a Consent Manager ensures compliance with these requirements.

Download Blog as PDF
Content

Related articles

Legal Explainer
February 15, 2024
What is the DPDP Law on Children's Data?
Anahad Narain - Founder's Office at Leegality

Anahad Narain

6
min read
Legal Explainer
December 5, 2023
What is DPDP Act in India
Anahad Narain - Founder's Office at Leegality

Anahad Narain

4
min read

Sign up for a demo and early trial access

Customized Demo for every use case
Deep dive into your unique needs and compliance challenges
Free access to testing account
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.