Comply ArkComply Ark

    DataLens · by Comply Ark

    Know where every record of personal data lives.

    DataLens connects to your databases, file stores and SaaS tools, then builds a live inventory of the personal data inside them, classified for the DPDPA and mapped to the purpose it serves.

    From first scan to audit evidence, it keeps you compliant as your data changes.

    The DataLens control centre, mid-discovery-run

    What it does

    Inventory first. Everything else follows.

    Every DPDPA obligation traces back to one question: what personal data do you hold, and why? Most companies answer it with a spreadsheet that was out of date the day it was finished. DataLens answers it continuously, then automates the paperwork that depends on the answer.

    01 · Discover

    A data map that builds itself

    Point DataLens at PostgreSQL, MySQL, MongoDB, S3 buckets and the SaaS tools your teams actually use. The engine samples schemas and metadata, recognises PAN numbers, Aadhaar references, UPI handles, phone numbers and dozens of other Indian identifiers, then adds them to a living inventory.

    When an engineer adds a column next quarter, the map updates. Nobody has to remember the spreadsheet.

    inventory · pg·customerssynced 2m ago
    FieldClassificationPurpose
    pan_numberPANKYC
    aadhaar_last4AADHAARKYC
    phonePHONEService
    emailEMAILService
    dobDOBEligibility
    upi_handleUPI IDPayouts
    dsr queue · this week4 open
    IDRequestSLA
    DSR-0231Access · pri••@gmail.com14d left
    DSR-0229Erasure · ank••@outlook.com3d left
    DSR-0226Correction · ras••@yahoo.inOverdue
    DSR-0225Access · meh••@gmail.comFulfilled
    DSR-0223Nomination · sur••@gmail.comFulfilled

    statutory clock starts at receipt · escalations automatic

    02 · Respond

    Rights requests, handled on time

    When a data principal asks what you hold on them, a statutory clock starts. DataLens already knows where their records live. It routes the request to the right owner, tracks every step against the deadline, and escalates before anything goes overdue.

    Access, correction, erasure and nomination requests all follow the same workflow, and every step is recorded.

    03 · Prove

    Audit answers in minutes

    Every scan, consent change and request lands in a tamper-evident log. When the auditor asks, you export a current RoPA, the consent ledger, or the complete processing history of a single record, each one dated, signed and consistent with what your systems actually do.

    That turns most audit requests into a few minutes of work.

    evidence · exportsTamper-evident
    RoPA_2026-Q2.xlsxGenerated 11 Jun 2026 · signedExport
    consent-ledger.jsonsha256 · 9f41c2…ae07 · continuousExport
    DSR-0226_history.pdfFull processing trail · 14 eventsExport

    every export carries a verifiable signature

    <15days

    Median time to your first inventory

    100+

    Connectors across databases, storage and SaaS

    24/7

    Continuous discovery keeps your inventory and evidence current

    Deployment

    Runs where your data is allowed to live

    Regulated entities rarely get to choose where their data sits. DataLens deploys wherever yours has to stay.

    SaaS

    The fastest way to start, with Indian data residency, isolated tenancy and the same continuous discovery as every other mode.

    Private cloud

    DataLens runs inside your own VPC, so your security team keeps full control of access.

    On-premises

    Full deployment on your hardware, air-gapped if required. Built for banks, insurers and government suppliers.

    Industries

    Built for India's most regulated sectors

    The organisations holding the most personal data feel the DPDPA first. DataLens is built for the realities of each.

    Banking & NBFCs

    The challenge

    PAN, Aadhaar, account and transaction data spread across core banking, loan-origination and dozens of SaaS tools — with RBI obligations layered on top of the DPDPA.

    With DataLens

    One live inventory across every system, data-principal requests tracked against the statutory clock, and audit-ready RoPA your regulator and the Data Protection Board both accept.

    DPDPA 2023

    Compliance Checklist

    COMPLY ARK RESOURCE

    Free resource

    The DPDPA compliance checklist

    The same checklist our consultants open on day one of an engagement. It lists every obligation in implementation order, alongside the clauses that create it.

    We send one email with the checklist and nothing else.

    FAQ

    The questions buyers actually ask

    Next step

    See your data estate in two weeks.

    We start with three of your systems and a two-week scan. You get a live inventory and a gap report to keep, whatever you decide next.