ComplyDP
DPDP Compliance Gap Analysis Report
Company
Acme Technologies Pvt. Ltd.
Website
https://acmetech.example.com
Date
08 Apr 2026
Pages scanned
4
RISK LEVEL: HIGH
COMPLIANCE SCORE: 18/100
1. Executive Summary
The website lacks fundamental DPDP Act compliance mechanisms. No privacy policy was found that references the Digital Personal Data Protection Act, 2023. Cookie consent mechanisms are absent, and there is no grievance redressal or data principal rights disclosure. Immediate remediation is recommended to avoid regulatory penalties of up to ₹250 Crore.
2. Compliance Control Assessment
| Control | Result |
|---|---|
| Notice explains data categories collected | Fail |
| Notice lists purposes for collection | Fail |
| Notice mentions sharing/disclosure | Fail |
| Notice explains how to exercise rights | Fail |
| Notice explains grievance redressal | Fail |
| Privacy Contact / DPO available | Fail |
| Grievance mechanism described | Fail |
| Consent withdrawal mechanism | Partial |
| Cookie/marketing preference center | Fail |
| Children privacy protection | N/A |
| Language availability (Indian languages) | Fail |
| Data retention period disclosed | Fail |
3. Critical Compliance Gaps
- No DPDP-compliant privacy notice found on the website
- Cookie consent banner is missing — no opt-in mechanism for tracking
- No Data Protection Officer (DPO) contact information published
- Grievance redressal mechanism not described anywhere on the site
- Data retention periods are not disclosed to users
- No mechanism for users to withdraw consent or request data deletion
LIMITED TIME OFFER
Complete External Scan + Gap Analysis: Rs 14,999 Rs 1,999
This is a sample report. Actual results vary based on your website.