DPDP DATA-PROTECTION READINESS ASSESSMENT
Legal name of the entity
Assessment date
Assessed by Name and role (e.g. DPO / Compliance Officer)
Role under DPDP
Readiness score 0% Scope & basis
Digital Personal Data Protection Act, 2023 This assessment records the organisation's readiness against the principal obligations of the DPDP Act, 2023. It is a self-assessment and is not legal advice; material gaps should be reviewed with counsel.
1. Organisation & data inventory
Legal name of the entity acts as a [role] under the DPDP Act. Categories of personal data processed: Categories of personal data processed . Approximate scale: e.g. 5,000 customers + 80 employees . Children's data processed: No.
2. Readiness by control area
Overall readiness score: 0% (0 of 10 controls fully in place).
Control area Status Lawful basis documented Not assessed Consent capture & withdrawal Not assessed Privacy notice published Not assessed Data-principal rights process Not assessed Grievance / contact officer Not assessed Retention & deletion policy Not assessed Cross-border transfer controls Not assessed Security safeguards Not assessed Breach detection & notification Not assessed Processor DPAs Not assessed
3. Priority gaps
The following areas are not yet fully in place and should be prioritised:
Lawful basis documented: Not assessed Consent capture & withdrawal: Not assessed Privacy notice published: Not assessed Data-principal rights process: Not assessed Grievance / contact officer: Not assessed Retention & deletion policy: Not assessed Cross-border transfer controls: Not assessed Security safeguards: Not assessed Breach detection & notification: Not assessed Processor DPAs: Not assessed 4. Remarks
Remarks / known gaps
Assessed by
Name and role (e.g. DPO / Compliance Officer)
______________________