ProtectComplyYour Compliance partner
Consent-as-a-Service

Your consent layer.
Without rebuilding your stack.

Standalone DPDP §6 + Rule 4 compliant consent management. Use it on its own, even if your assessment and grievance workflows run elsewhere. DEPA-interop, BYO-domain, 22 languages.

Try Consent-as-a-ServiceTalk to us

What is DEPA?

The Data Empowerment & Protection Architectureis India's framework for principal-controlled data sharing. Rule 4 of the DPDP Rules (2025) operationalises the DEPA Consent Artefact format — a structured, machine-readable, tamper-evident consent record that can flow between Data Fiduciaries, Account Aggregators, and consented data fabrics. ProtectComply issues and verifies these artefacts as a first-class output of the Consent module.

What you get

🔗

DEPA Rule-4 interop

Issue and verify Consent Artefacts in the Data Empowerment & Protection Architecture format. Plug-and-play with Account Aggregators and consented data fabrics.

📱

WhatsApp & email revoke

Send a one-line revoke link via WhatsApp or email. Principal taps once — withdrawal recorded, downstream sharing halted.

🌐

22 Indian languages

Banner, preference centre, and revoke flow auto-translated to every official Indian language. First Schedule covered.

🏷️

BYO-domain

consent.yourbrand.com served from our infra. Your brand, our compliance plumbing.

🔐

Provenance baked in

Every record carries IP, user-agent, fingerprint, and per-tenant principal cookie. Returning principals don't see the banner twice.

📦

Standalone, not coupled

Use ProtectComply consent even if you have your own assessment, RoPA, or grievance stack. Webhooks push records into your existing systems.

When does this make sense?

You already have GRC

Keep your existing GRC or governance stack. Bolt on ProtectComply Consent for the DPDP §6 piece your platform doesn't cover.

You're a fintech using Account Aggregator

DEPA Rule-4 interop means your Consent Artefacts plug into AA flows without you building the spec yourself.

You're a publisher / ad-tech vendor

Cookie banner + per-purpose granular consent that respects withdrawal. Your tag-management stack honours the flags via our JS SDK.

You're a foreign SaaS with Indian users

Run only the consent module — Indian data residency, 22-language notices, and a DPDP-compliant withdrawal flow.

Pricing positioning

Consent-as-a-Service is priced lighter than the full ProtectComply platform — you only pay for the consent layer. If you later add assessment, grievance, or breach, the consent records carry over with you.

See full pricing →

Ready to switch on Indian consent?

One JS tag. Your branding. Our compliance.

Start trialBook a 20-min call