Advait Kapoor

Compliance Strategist at ComplyZero

Advait Kapoor helps Indian businesses operationalize data protection. With experience in ISO 27001 audits, data mapping, and privacy program management, he focuses on the practical 'how' of DPDP - checklists, templates, data audits, and consent records. His writing is built for the DPO or founder who needs to get compliant, not just understand the law.

Compliance OperationsISO 27001Data AuditsPrivacy Program ManagementTemplates & Checklists

Articles by Advait Kapoor(6)

DPDP Consent Records: What to Log, How to Store, and Why It Matters

A practical guide to DPDP consent record-keeping: exactly what fields to capture, how long to retain them, and how to build a system that survives a Board inquiry.

Data Retention Under DPDP: How Long Can You Keep Personal Data?

A practical guide to DPDP data retention: Section 8(7) obligations, retention periods by data category, sectoral law conflicts, and a ready-to-use retention schedule framework.

How to Draft a DPDP-Compliant Data Processing Agreement (DPA)

A clause-by-clause guide to drafting DPDP-compliant Data Processing Agreements, with sample language, a GDPR comparison table, and common mistakes to avoid.

How to Conduct a DPDP Data Audit: Step-by-Step Guide

A practical, step-by-step methodology for auditing your personal data processing against DPDP Act requirements, with templates, time estimates, and common pitfalls.

DPDP Breach Notification: The 72-Hour Rule, CERT-In vs DPBI, and What You Must Report

India now has two parallel breach reporting regimes. Here is exactly what to report, to whom, and by when under the DPDP Act 2023 and CERT-In Directions.

DPDP Compliance Checklist: 15-Step Guide for Indian Businesses (2026)

A phased, 15-step DPDP compliance checklist with time estimates, Act section references, and practical guidance for Indian businesses targeting the May 2027 deadline.