See how leading Indian enterprises use Vishwaas AI to make their DPDP Act compliance cryptographically verifiable, operationally sustainable, and DPBI-ready.
Metrics updated at launch · All data as reported by customers
Featured Story
Industry
Banking & Financial Services
Scale
5M+ retail customers
Plan
Enterprise
Systems connected
7 source systems
Key Outcomes
94% identity auto-linked
On PAN or mobile number across all 7 systems; 6% queued for human review
3-second propagation
Marketing consent withdrawals reach CleverTap and Salesforce in under 3 seconds
Cryptographic proof on every consent
SHA-256 + RSA-2048 + RFC 3161 TSA token on all consent records
The Challenge
This bank processes personal data across seven systems: Core Banking (Finacle), Loan Origination, CRM (Salesforce), Mobile Banking App, Credit Card System, Insurance Subsidiary, and Marketing Platform (CleverTap). Three pressing problems when DPDP came into force:
Bundled consent
The mobile app presented a single checkbox for account servicing, marketing emails, group company data sharing, and third-party partner offers — a direct violation of DPDP Act §6(2)
Identity fragmentation
The same customer existed in all seven systems with different identifiers — email in CRM, phone in e-commerce, PAN in HRIS. An erasure request had nowhere to start
No cryptographic proof
Consent records existed as database rows with timestamps. Legal team concluded the evidence would not survive a competent DPBI challenge
The Vishwaas AI Solution
Deployed consent SDK in the mobile app — separate, granular consent prompts for each purpose, replacing the single-checkbox flow
Connected all seven source systems via Vishwaas AI's source system connectors
Identity resolution engine auto-linked 94% of records on PAN or mobile number; 6% queued for privacy manager review
All consent records now carry SHA-256 chain hash + RSA-2048 signature + RFC 3161 TSA token
Consent propagation configured: marketing consent withdrawals reach CleverTap and Salesforce within 3 seconds
"[Quote placeholder from DPO or CISO about non-repudiation, compliance confidence, or DPBI readiness.]"
[Name], [Title]
Large Private Bank · BFSI · Enterprise
Featured Story
Industry
Insurance (Life & Health)
Scale
2M policyholders
Plan
Enterprise
Data type
Sensitive (health)
Key Outcomes
22 Indian languages
Privacy notices for policy issuance flows in Tamil, Telugu, Kannada, Hindi, English and more
DPIA workflows for all high-risk processing
Health data processing, reinsurer sharing, and algorithm-based underwriting
Court-admissible consent proof
Hash-chained, RFC 3161-signed — meets IRDAI and DPBI evidentiary standard
The Challenge
This insurer holds sensitive health declarations, diagnostic reports, and nominee details for 2 million policyholders across three product lines. Health data under DPDP carries heightened obligations. Two specific risks:
Undocumented reinsurer consent
Consent for health data sharing with reinsurers was undocumented — no written record of what policyholders agreed to
No repeatable DPIA process
As a potential SDF, the insurer needed a structured DPIA process for all high-risk processing activities — algorithm-based underwriting, reinsurer sharing, health data processing
The Vishwaas AI Solution
Privacy notices created in 22 languages for policy issuance flows — Tamil, Telugu, Kannada, Hindi, English
Separate consent collected at policy issuance: core servicing / reinsurer sharing / third-party administrator / renewal reminders / new product offers
DPIA workflows deployed for health data processing, reinsurer data sharing, and algorithm-based underwriting
DPO approval gates on all privacy notices and DPIAs — mandatory, recorded, immutable
Consent records hash-chained and RFC 3161-signed — court-admissible proof for both IRDAI and DPBI
"[Quote placeholder from DPO or CCO about IRDAI + DPBI dual compliance, consent for health data, or audit readiness.]"
[Name], [Title]
Life & Health Insurer · Insurance · Enterprise
Featured Story
Industry
E-Commerce / D2C
Scale
500K MAUs
Plan
Professional
SDK size
20 KB embed
Key Outcomes
500,000 customers reached
DPDP-compliant consent campaign with Rule 3-compliant notice in each user's preferred language
5-second ad network propagation
Cookie consent withdrawals propagate to ad network within 5 seconds via webhooks
Ledger-connected cookie consent
20KB banner.js replaced third-party GDPR tool — all cookie preferences now in the hash-chained ledger
The Challenge
This platform used a patchwork of consent tools — a GDPR banner retrofitted with a Hindi translation, and marketing consent bundled into account registration. Two DPDP Act exposures:
Cookie consent not in the ledger
No DPBI-defensible record of cookie preferences — third-party tool had no hash chain, no TSA token, no integration with their compliance records
Retroactive consent obligation
500,000 existing customers had not given DPDP-compliant consent. Rule 3(5) required retroactive notice — at scale, in multiple languages
The Vishwaas AI Solution
Replaced third-party cookie banner with Vishwaas AI's 20KB embeddable SDK (banner.js) — category-level consent recorded in the hash-chained ledger
Consent Campaign deployed to 500,000 existing customers — Rule 3-compliant notice in user's preferred language, explicit opt-in per purpose
Propagation webhooks configured — marketing consent status in real time to email platform, push notification service, and analytics platform
Cookie consent withdrawals propagate to ad network within 5 seconds
"[Quote placeholder about consent campaign results, marketing compliance improvement, or DPBI audit readiness.]"
[Name], [Title]
Mid-Market E-Commerce Platform · Professional
"The RFC 3161 TSA token was the feature that convinced our legal team. For the first time, we have consent records that can withstand a DPBI investigation."
Head of Legal & Compliance
"We went from being unable to answer 'where does this customer's data live?' to having a complete identity graph across all our systems — in three weeks."
Chief Privacy Officer
"The implementation guide was excellent. We went from demo to production in 11 days."
Head of Technology
"In 22 languages. I didn't think any Indian software product would actually deliver that. Vishwaas AI did."
DPO / Privacy Lead
Vishwaas AI is accepting Design Partner organisations — enterprises that want early access to the platform in exchange for providing feedback, participating in case study development, and joining the early customer advisory board.
Benefits of Design Partner Status
6 months at Starter plan pricing
Full platform access at significantly reduced cost during the design partner period
Direct access to the product team
Regular feedback sessions and feature prioritisation input with Vishwaas AI engineers
First-mover compliance advantage
Achieve DPDP compliance certification before full enforcement and your peers
Regulatory intelligence reports
Early access to Vishwaas AI's DPDP regulatory intelligence reports and enforcement updates
See Vishwaas AI live with your industry's compliance scenarios. BFSI, Insurance, Healthcare, E-Commerce — we have a demo environment configured for your sector.