TrustX
01 / CONSENT MANAGEMENT

Capture consent. Prove it later.

DPDP Act 2023 penalties: ₹250 Cr for security failures, ₹200 Cr for breach notification failure, ₹50 Cr for consent violations. ConsentXpert covers all three — Capture (S.6), Store (S.8), Withdraw (S.6), Data Principal Rights (S.11–14) and DPB-ready Audit — across web, mobile and email in 9 Indian languages with a roadmap to all 22 DPDP scheduled languages.

All Products →
ConsentXpert
PS
Priya Sharma
priya@acmecorp.in
Consent pending
DPDP 2023GDPRHIPAA
Manage Preferences →
Features

Every DPDP obligation. One system.

01

Capture — Web SDK (9 Languages)

JS/TS SDK for consent banners, notices and modals — five layout types, 9 Indian languages, roadmap to all 22 DPDP scheduled languages.

02

Capture — Mobile OTP & Email

OTP consent in 9 languages. Email-based capture timestamped and stored in the immutable vault.

04

Withdraw — S.6(4)

One-click withdrawal as easy as giving consent. Purpose-level granularity with real-time webhooks to downstream systems.

03

Store — Immutable Vault

Cryptographically hashed at write time. 7-year DPDP retention enforced automatically. Produce cryptographic proof in seconds when the DPB asks — not a spreadsheet.

06

Audit — DPB Ready

State-machine trail with actor attribution. Signed PDF export formatted for Data Protection Board submissions.

07

Children's Data — S.9

Age-gate flows, verifiable guardian consent via OTP or Email. SDK-level marketing restrictions for child profiles — not just policy.

05

Rights Portal — S.11–14

Self-service access, correction, nomination, erasure and grievance — tracked, timestamped and auditable.

How It Works

Up and running in days, not months.

1

Create account & get API token

Register your organisation as a Data Fiduciary on ConsentXpert. Log in via the Developer Portal or POST /auth/login/fiduciary to get your JWT Bearer token and OAuth client credentials — client_id, client_secret and webhook_secret.

< 30 min
2

Define purposes & set up webhooks

Create purpose templates in the Developer Portal — health records, marketing, login consent, etc. Each purpose gets a UUID required by the API. Point your webhook URL to receive consent.granted, consent.revoked and consent.expired events in real time.

~ 1 hour
3

Request consent & go live

Call POST /consents/request-by-email from your backend. The user approves from their dashboard or email notification — your webhook fires instantly. Verify the consent token with one API call, then process their data. Full 7-year audit trail maintained automatically.

Day one
Technical Specs

Built for your stack

Full technical documentation and API references available after onboarding call.

LanguagesWeb: 9 Indian languages · Mobile: English + 9 Indian languages · roadmap to all 22 DPDP 2023 scheduled languages
Retention7-year default (DPDP mandate), configurable up to 30 years — automated deletion when purpose is fulfilled
Consent channelsWeb SDK · Mobile OTP · Email · REST API
Data Principal RightsAccess (S.11) · Correct (S.12) · Nominate (S.13) · Erase (S.14) · Grievance — full self-service portal
SDF ReadyDPO dashboard · DPIA templates · Independent audit export — for Significant Data Fiduciaries (S.10)
Export formatsCSV · JSON · Signed PDF — cryptographic proof for DPB inquiry and external auditors
SDKsJavaScript · TypeScript · iOS · Android — React, Vue, plain-JS wrappers
FAQ

Frequently asked questions.

Ready to implement ConsentXpert?

Our engineers will map your current workflow and show you exactly what ConsentXpert changes.