This article was first published in www.ibanet.org (March, 10, 2026).
India's standalone data protection law is set to come into force in its entirety in May 2027 and ensuring compliance for global businesses requires careful attention and detail beyond just updating privacy policies. Organisations are actively reworking their UI/ UX, mapping internal data flows, reassessing vendor arrangements, evaluating their technical and security safeguards, and instituting specialized mechanisms to obtain verifiable consent for processing personal data of children and to manage overlapping retention timelines and reporting requirements.
In this article, we breakdown certain strategic considerations for global companies which are looking to comply with the new data protection law and how can they structure their processes to meet this impending timeline.
Please click here for our detailed article.
Tanishq Gupta, Shashank Venkat and Aaron Kamath
You can direct your queries or comments to the authors.