Data Privacy

Privacy is a fundamental right. We help you honour it.

From GDPR and DPDPA implementation to cross-border transfer frameworks and privacy automation — Dutient delivers privacy programmes that are auditable, scalable, and built for your regulatory reality.

GDPR & DPDPA

ISO 27701:2019

16 Jurisdictions

Regulatory Landscape

The regulations shaping data privacy globally

DPDPA 2023

India — Digital Personal Data Protection Act

PDPA

Singapore — Personal Data Protection Act

PDPA

Malaysia — Personal Data Protection Act 2010

Privacy Act 1988

Australia — incl. Australian Privacy Principles

Data Privacy Act

Philippines — Republic Act No. 10173

UU PDP

Indonesia — Personal Data Protection Law 2022

EU GDPR

European Union — General Data Protection Regulation

UK GDPR

United Kingdom — Post-Brexit data protection

Swiss FADP

Switzerland — Federal Act on Data Protection (revised)

ePD

EU — ePrivacy Directive (cookies & electronic comms)

KVKK

Turkey — Law on Protection of Personal Data

UAE PDPL

United Arab Emirates — Federal Decree-Law No. 45/2021

KSA PDPL

Saudi Arabia — Personal Data Protection Law

Bahrain PDPL

Bahrain — Personal Data Protection Law 2018

Oman PDPL

Oman — Personal Data Protection Law 2022

Kuwait DPL

Kuwait — Data Protection Law (in progress)

CCPA / CPRA

US — California Consumer Privacy Act & Privacy Rights Act

PIPEDA

Canada — Personal Information Protection and Electronic Documents Act

LGPD

Brazil — Lei Geral de Proteção de Dados

VCDPA

US — Virginia Consumer Data Protection Act

CPA

US — Colorado Privacy Act

CTDPA

US — Connecticut Data Privacy Act

COPPA

US — Children's Online Privacy Protection Act

Global Reach

Privacy compliance across 16 jurisdictions

Hover over highlighted countries to see the primary data protection regulation we support.

APAC

India — DPDPA 2023

Singapore — PDPA

South Korea — PIPA

Europe

EU Member States — GDPR

United Kingdom — UK GDPR

Middle East & Africa

UAE — PDPL

Saudi Arabia — PDPL

South Africa — POPIA

Americas

USA — CCPA / CPRA

Canada — PIPEDA

Brazil — LGPD

Active coverage

Other regions

🇮🇳

India

DPDPA 2023

🇸🇬

Singapore

PDPA

🇰🇷

South Korea

PIPA

🇬🇧

United Kingdom

UK GDPR

🇩🇪

Germany / EU

EU GDPR

🇫🇷

France

EU GDPR

🇦🇪

UAE

PDPL

🇸🇦

Saudi Arabia

KSA PDPL

🇧🇭

Bahrain

PDPL 2018

🇴🇲

Oman

PDPL 2022

🇰🇼

Kuwait

Data Prot. Law

🇿🇦

South Africa

POPIA

🇳🇬

Nigeria

NDPR 2019

🇰🇪

Kenya

Data Protection Act 2019

🇺🇸

United States

CCPA / CPRA

🇨🇦

Canada

PIPEDA

🇧🇷

Brazil

LGPD

🇲🇽

Mexico

LFPDPPP

What's Included

End-to-end privacy advisory & implementation

Comprehensive, legally sound privacy notices and internal policies aligned to your jurisdictions and processing activities.

Privacy Notice Cookie Policy Consent Management Employee Privacy Notice Website Privacy Policy

Data Protection Impact Assessment (DPIA)

Systematic risk identification and mitigation for high-risk processing activities — mandatory under GDPR Art. 35, DPDPA, and equivalent laws.

Risk Analysis GDPR Art. 35 Regulatory Template

Data Mapping & ROPA

Complete Records of Processing Activities and end-to-end data flow mapping — the foundation of every effective privacy programme.

Data Inventory Flow Diagrams Article 30 GDPR

Transfer Impact Assessment (TIA)

SCCs, BCRs, and cross-border transfer validation to ensure all international data flows have a lawful basis and adequate safeguards.

SCCs BCRs Adequacy Analysis

Legitimate Interest Assessment (LIA)

Legal basis documentation, balancing tests, and proportionality analysis for legitimate interest processing under GDPR and equivalent frameworks.

Legal Basis Balancing Test Documentation

Data Subject Rights Management

DSR intake workflows, response timelines, SARs, erasure requests, and portability — fully operationalised and audit-ready.

SAR Handling Erasure Requests Portability

Privacy Automation Platform Implementation

End-to-end deployment and configuration of leading privacy management platforms tailored to your compliance workflow.

OneTrust Scrut TrustArc Privy Leegality Redacto

Breach Management

Detection, containment, notification, and regulatory reporting workflows — designed to meet 72-hour GDPR deadlines and equivalent timelines globally.

72hr Notification Regulator Reporting Containment Plans

Privacy is a fundamental right. We help you honour it.

The regulations shaping data privacy globally

Privacy compliance across 16 jurisdictions

We work to internationally recognised standards

End-to-end privacy advisory & implementation

Privacy practices, engineered into your processes.