Sovereign AI ready for India.
ReguNav supports India-operating organisations under the DPDP Act 2023 (data fiduciary obligations, consent manager, cross-border review), MeitY IT Rules + AI advisories, RBI banking IT-risk guidelines, SEBI cyber-resilience framework, and IRDAI for insurers. Indian data-residency election available on Enterprise.
India regulator landscape
Every India control on the platform is anchored to a named regulator artefact. When the regulator updates their guidance, the framework registry takes the bump and every dependent control inherits it.
Insurance Regulatory and Development Authority of India
Insurance information & cybersecurityofficial ↗Frameworks anchored in India
India DPDP Act
202316 clauses · 11 controlsIndia's general personal data protection statute. Regulates the processing of digital personal data of Data Principals (individuals) by Data Fiduciaries (determines the purpose + means) and Data Processors. Establishes the Data Protection Board of India as the regulator, sets out lawful bases (consent + 'certain legitimate uses' — DPDP's 'lawful purpose'), rights and duties of Data Principals, additional obligations for 'Significant Data Fiduciaries', a default 'cross-border-transfer-allowed unless restricted' regime, and penalties up to ₹250 crore per breach. Children + persons with disability receive heightened protection (verifiable parental consent + restrictions on tracking + targeted advertising).
India SaaS, fintech, healthcare-AI, or essential-service?
We work with organisations supervised by every regulator listed above. The jurisdiction-aware engine routes incident reports, DSARs, and FRIA submissions to the correct authority + timeline automatically.
Talk to India team →Jurisdiction codes + regulator data are sourced from @regunav/jurisdictions (Apache-2.0, open-source). Adding a new market is a single registry entry — no copy-paste regulator content. See /uk for the bespoke deep-dive template.