The DPDP Act is live. Fines reach ₹250 Cr, and every day matters.Run a free check
Sammati
BUILT IN INDIA · DPDP-NATIVE

Privacy your customers can feel.

Sammati turns the DPDP Act from a legal headache into a quiet, dependable layer in your stack. Tamper-proof consent. Every Indian language, on day one. Hosted in your AWS or run for you — your call.

Book a demoSee how it works

₹15L flat per year · On AWS Marketplace · BYOC or managed

WHY ACT NOW

The cost of doing nothing.

₹250 Cr per breach

Penalties scale fast for security-safeguard lapses.

Rules are landing now

MeitY is rolling them out month over month.

22 languages, ready

Every scheduled Indian language, from day one.

Take the 5-minute self-check

No login. No card. Just answers.

5M

Consent writes a month. Built for scale, not slideware.

<200ms

p95 write API. Fast enough to live inside checkout.

99.9%

Uptime SLA. Backed by the platform you already trust.

22

Indian languages. Every voice your customers think in.

How we think about it

Our approach.

Compliance shouldn't feel like paperwork.

Most privacy platforms make your team translate law into product. We do the opposite. Sammati ships as a clean, opinionated layer — hash-chained ledger, MeitY-aligned artifacts, language coverage already done.

You get a record that holds up in court. Your customers get a moment of clarity in the language they actually speak. Quiet, careful, kind.

Built for India, from India

Designed around the Act itself — not adapted from somewhere else.

Most platforms started with GDPR and bolted on DPDP. Sammati was built the other way around. The Act, the MeitY ECF, and India's data-residency rules are baked into line one of code.

01

Hash-chained ledger

Every consent is signed with ECDSA-P256 and chained to the one before it. Mirrored to S3 Object Lock within sixty seconds. Audit-ready by design.

02

22 Indian languages, day one

Every scheduled DPDP language is shipped at launch. Versioned per release. The hosted portal renders in the customer's preferred language — no work from your team.

03

BYOC by default

Provision Sammati into your own AWS via Terraform. Your data, your VPC, your keys. Designed for BFSI and healthcare — not retrofitted.

04

MeitY ECF aligned

Implements the Electronic Consent Framework artifact format. Interoperable with the Account Aggregator ecosystem and Consent Manager rails.

05

All six DPDP rights, handled

Access, correction, erasure, grievance — each with configurable SLA timers (grievance capped at the 90-day statutory ceiling, Rule 14(3)), OTP-verified intake, and an immutable rights-events trail. RAG-backed DPO inbox.

06

Sub-200ms writes

5M consent writes a month, p95 under 200ms. Idempotency-keyed, Redis-backed. Hosted portal loads in under 1.5s on a ₹8K Android phone over 4G.

The whole product, in eight chapters

Eight modules. One ledger. One licence.

Every Sammati deployment ships with the whole platform. No tiers. No feature paywalls. No upsell call six months in.

01

Consent Governance

Purpose repo, immutable artifacts, ECDSA signatures, hash-chained ledger.

02

Notice Management

Versioned notices, two-column translation editor, sector packs.

03

Hosted Consent Portal

Redirect-based flow in 22 languages. Zero frontend work on your side.

04

Server-Side API

Single + bulk consent ingestion, withdrawals, queries. Idempotent writes.

05

Preference Center

OTP-verified self-service portal. View history, toggle purposes, launch rights requests.

06

Rights Management

Access, correction, erasure, grievance — Kanban inbox with configurable SLA timers (90-day grievance ceiling, Rule 14(3)).

07

Cookie Banner + SDK

Per-domain banner, IIFE bundle from /b/*.js, consent + impression analytics.

08

PII & Form Scanner

Crawl-based form discovery, runtime detection, AI classification, compliance score.

Walk through the whole product
Two shapes, one codebase

Run it in your cloud, or let us run it for you.

BYOC for regulated entities who need data residency on their terms. SaaS for teams who'd rather not be on-call for a privacy stack.

RECOMMENDED FOR BFSI

BYOC

Bring your own cloud

Provision Sammati into your own AWS via Terraform. Data never leaves your VPC. Designed for banks, NBFCs, insurance, and hospitals.

  • Terraform deploys RDS, ElastiCache, ECS, ALB, S3, KMS into your VPC
  • Per-tenant ECDSA P-256 signing keys held in your KMS
  • Customer-controlled IAM, Secrets Manager, CloudWatch
  • Air-gappable from public internet for production runs
Explore BYOC

SaaS

Vendor-hosted

Managed deployment in AWS ap-south-1 (Mumbai) with ap-south-2 (Hyderabad) DR. Sign up, integrate, ship — without the infra.

  • Mumbai primary, Hyderabad active DR — both in India
  • Multi-tenant isolation: Postgres RLS + app-layer tenant_id
  • Tenant-scoped KMS keys, encrypted at rest with per-tenant keys
  • Sammati operates patching, backups, on-call, and monitoring
Explore SaaS
See them side-by-side
A real walkthrough, not a pitch

See Sammati in your stack — in thirty minutes.

A live walkthrough of the hosted consent flow, the DPO admin console, and a BYOC Terraform deployment. No slides. No filler.

Book a demoFree DPDP self-check
No slides. No filler. Just the product.