Runtime Consent Verification for DPDPA

Compliance is not what
your policy says.
It’s what your code does.

DPDPA Ready verifies whether runtime systems actually honor the consent your users give.

Start Free Scan →View Sample Report

Runtime request verification

Consent flow validation

Observable evidence capture

Boardroom-readable reporting

“We do not collect personal data before consent is obtained from the user.”

POLICY CLAIM

OBSERVED RUNTIME BEHAVIOR

09:14:22Page load initiated

09:14:23Consent banner detected

09:14:24Reject all simulated

09:14:26Meta Pixel request observed

09:14:26Hashed email identifier detected

09:14:27Consent state mismatch verified

FINDING RECORDED — DPDPA § 6(1)

Meta Pixel transmitted hashed identifier before consent state was established.

CRITICAL

Runtime Privacy Reality

Most privacy programs verify policies.
Very few verify runtime behavior.

Privacy posture means little if runtime systems behave differently.

POLICY CLAIM

“We do not share personal data with advertising partners without explicit consent from the user.”

OBSERVED RUNTIME BEHAVIOR

CST-101Meta Pixel fired 240ms before consent banner rendered

CST-100Hashed email transmitted in pre-consent POST request

CST-102GA continued firing after explicit consent rejection

Observed§ 6(1)MISMATCH VERIFIED

Runtime Verification Engine

Browser-automated verification built
for observable consent behavior.

LAYER 1

Static Analysis

Establishes an observable baseline across consent posture, privacy visibility, exposed PII, and third-party activity.

26 checksConsent flowsPII detectionPolicy gaps

LAYER 2 — BROWSER

Consent Flow Simulation

Validates whether runtime systems actually honor user consent across observable browser interactions.

Real browserRejection simulationTraffic interception

LAYER 2 — NETWORK

Network Request Verification

Correlates observable network activity with declared consent states to surface runtime contradictions.

Payload inspectionConsent correlationDPDPA mapping

Observable Evidence

Every finding is backed
by runtime evidence.

Every finding is traceable to observable runtime behavior.

Click the finding above to expand runtime evidence

Operational Posture

Boardroom-readable posture.
Engineering-grade evidence.

Runtime verification translated into operational clarity.

MATURITY LEVEL

Developing

CRITICAL

HIGH

MEDIUM

LOW

Consent32

PII Exposure78

Privacy Policy61

Third-Party55

Continuous Verification

Runtime behavior changes constantly.
Verification cannot be one-time.

Continuous verification for evolving runtime systems.

CONTINUOUS

Scheduled Re-Scans

Automated weekly or monthly re-verification against your baseline. Consent drift is detected and surfaced immediately.

DIFF ENGINE

Drift Detection

New third-party scripts, consent flow changes, and policy modifications flagged between scan runs.

INTEGRATION

Engineering Workflows

Findings mapped to JIRA-compatible issue format. Severity, DPDPA section, and remediation steps ready to assign.

RUNTIME

Runtime Monitoring

Continuous live traffic interception across production pages. Not periodic — persistent verification.

ADVISORY

Expert Review

Each report reviewed by a certified privacy practitioner. Evidence confirmed, context added, edge cases flagged.

CONNECTORS

CMP Integrations

Native connectors for OneTrust, Cookiebot, CookieYes, and Didomi. Consent state verified end-to-end.

Verify what your runtime
systems actually do.

Start with a Posture Analysis to evaluate observable consent posture and runtime visibility.