1. Who We Are
GoDPDP by TrustLayer provides privacy, consent, cookie intelligence, audit evidence, and governance infrastructure for businesses.
Depending on the context, we may act as a Data Fiduciary for our own operations or as a service provider / processor for client implementations.
2. Personal Data We Collect
Information you provide
- Name, email address, business contact details, and organization information.
- Account, login, support, consultation, and communication details.
- Information submitted through forms, scanner requests, or service interactions.
Technical and usage data
- IP address, browser type, device details, page URL, and usage activity.
- Consent preferences, withdrawal records, banner interactions, and audit logs.
- Cookies, tracker signals, SDK events, and website scan metadata.
3. Purpose of Processing
We process personal data for the following purposes:
- Providing, operating, securing, and improving GoDPDP services.
- Managing consent preferences, withdrawals, evidence logs, and dashboards.
- Responding to enquiries, onboarding clients, and providing support.
- Running website scans, cookie checks, analytics, and compliance workflows.
- Meeting contractual, legal, security, and regulatory obligations.
4. Consent, Choice and Withdrawal
Where consent is required, we seek to capture clear, purpose-specific consent and maintain evidence of user choices.
- You may manage or withdraw consent where applicable.
- Withdrawal does not affect lawful processing already completed.
- Some essential processing may continue where required for security, legal, or service reasons.
5. Cookies and Similar Technologies
We may use cookies and similar technologies for website functionality, authentication, security, consent preference storage, analytics, and performance measurement.
Where applicable, users may manage non-essential cookie preferences through our consent banner or preference controls.
6. Sharing of Personal Data
We do not sell personal data. We may share data with trusted service providers, hosting providers, analytics/security vendors, professional advisors, regulators, or other parties where required to provide services or comply with law.
7. Security and Retention
We use reasonable technical and organizational safeguards to protect personal data against unauthorized access, misuse, alteration, disclosure, or destruction.
Personal data is retained only as long as necessary for the purposes described in this Notice, contractual obligations, legal requirements, security needs, or operational recordkeeping.
8. Your Rights
Subject to applicable law, including the Digital Personal Data Protection Act, 2023, you may have the following rights regarding your personal data:
- Right to access personal data held about you.
- Right to correction of inaccurate or incomplete personal data.
- Right to erasure or deletion of personal data where permitted by law.
- Right to withdraw consent at any time for processing based on consent.
- Right to grievance redressal regarding the processing of your personal data.
- Right to nominate another individual to exercise rights on your behalf where applicable.
To exercise any of these rights, contact us at support@godpdp.com.
9. Updates to this Notice
We may update this Privacy Notice from time to time. Updated versions will be posted on this page with a revised effective date.