ErasureDocs
DPDP

Operational checklist (DPDP)

Practical readiness checklist for privacy operations — not a compliance certificate.

Operational checklist

Use this list to know whether you can run privacy ops with confidence.
It is not a DPDP certification and not legal sign-off.

  • Project exists
  • Purposes configured (required + optional as needed)
  • Notice copy reviewed by your team
  • At least one published consent version
  • Publishable key created and stored safely
  • SDK initialized against published config
  • At least one receipt observed in a test environment

Systems & maps

  • At least one System connected and enabled
  • Health check understood (healthy / degraded / unhealthy)
  • SQL Data Map: entities + identifiers + DELETE/SKIP
  • Non-personal tables ignored or not mapped
  • Execution preview run for a test subject (counts only)

Rights execution

  • Worker process running (jobs do not complete without it)
  • Operational readiness not blocked
  • Test case created for a subject you control
  • Verification VERIFIED before start
  • Case reached COMPLETED or FAILED with timeline visible

Evidence

  • Deletion evidence exported for a test case
  • Consent publish evidence exported if you need “what was live”
  • Team knows evidence limits (not a legal seal)

Org hygiene

  • Roles assigned (Owner / Admin / Viewer)
  • Billing/entitlements sufficient for projects, systems, case volume
  • Secrets and keys not committed to git

States to watch

Readiness stateMeaning
readySignal looks good
attentionReview recommended
blockedFix before confident execution
unknownNot enough signal yet

Readiness is an aggregate of signals—not a weighted “compliance score.”

What to do next

If anything is blocked, follow Getting Started or the relevant Guides.