How to Draft a DPDP Privacy Notice
A useful privacy notice should help users understand what data is collected, why it is used, and how the business actually behaves. It should not read like generic policy theater.
Law
Users need clear information, not vague blanket language.
Practice
Map real workflows before writing the notice.
Action
Rewrite notices whenever product or marketing behavior changes.
What to include
- What categories of personal data you collect
- Why you collect and use them
- Where collection happens in the user journey
- How users can reach you or raise requests/complaints
Where teams fail
- Copy-pasting a generic policy that nobody internally can explain
- Letting support, CRM, and lifecycle systems drift outside notice language
- Failing to update notices after workflow changes