Legal
DPDP statement
How DataDost approaches India's Digital Personal Data Protection Act, 2023 where it applies to scoped work.
Control surface
DPDP statement
Access
Role boundaries, MFA assumptions, and review ownership are explicit.
Policy
Terms, privacy, subprocessors, and incident notes stay linked.
Evidence
Changes, exceptions, and approvals are documented before release.
Buyer check
A procurement or legal reviewer can inspect the operating stance quickly.
Operating position▾
DataDost AI is based in India and serves clients globally. Where the Digital Personal Data Protection Act, 2023 applies, DataDost AI designs notices, consent capture, retention, access, and grievance routes around the accepted Proposal or SOW.
Client-specific role allocation, data fiduciary or processor obligations, transfer assumptions, and retention instructions depend on the engagement scope and the client's chosen tools.
- Privacy-first delivery
- Notice and consent support
- Rights route support
- Retention by scope
- No blanket certification claim
Rights and grievance route▾
Users may contact DataDost to request access, correction, deletion, consent withdrawal, grievance handling, or other rights available under applicable law, subject to identity verification, security needs, legal obligations, and legitimate retention requirements.
For client systems, DataDost follows the client-approved support route and SOW instructions so requests reach the right controller, fiduciary, or business owner.