Compliance Score & Scans

Privacy Labs continuously monitors your DPDP compliance and provides an actionable score. Understand what we check and how to improve your score.

What Makes Up Your Score

Your compliance score in the dashboard is calculated from your actual platform usage and configuration:

Data Mapping (~17 pts)

Have you completed PII discovery scans? Are tables and sensitive columns identified?

Consent Coverage (~17 pts)

Is the consent banner deployed and actively collecting consent? Is the withdrawal mechanism functional?

DSR Handling (~17 pts)

Are DSR requests being completed within SLA? Any overdue requests?

Data Retention (~17 pts)

Have you configured data retention rules? Are audit logs retained for the required period?

Breach Management (~17 pts)

Is your breach incident response workflow configured? Are DPBI notification deadlines being met? Have past incidents been resolved within required timeframes?

Recommendations (~17 pts)

Have you resolved compliance recommendations? This includes adding DSR/Grievance links to your privacy policy, configuring DPO contact, and addressing security findings.

How Scoring Works

Your compliance score is calculated from multiple factors:

| Category | Weight | What It Measures |
|---|---|---|
| Data Mapping | ~17% | PII discovery completed, tables scanned, critical data identified |
| Consent Coverage | ~17% | Banner deployed, consent records flowing, withdrawal mechanism active |
| DSR Handling | ~17% | Completion rate, no overdue requests, SLA compliance |
| Data Retention | ~17% | Retention policies configured, audit log retention compliant |
| Breach Management | ~17% | Incident response readiness, DPBI notification compliance, timely resolution |
| Recommendations | ~17% | Critical tasks resolved (DSR link, grievance link, DPO contact) and security findings addressed |

Score Ranges

  • 90-100%, Excellent (Grade A): Audit-ready. All critical and high-priority items resolved.
  • 75-89%, Good (Grade B): Mostly compliant. Minor gaps remain.
  • 50-74%, Needs Improvement (Grade C): Significant gaps. Critical items may be unresolved.
  • 25-49%, Poor (Grade D): Major compliance failures. Immediate action needed.
  • 0-24%, Critical (Grade F): Non-compliant. Significant legal risk.

Scan Frequency

  • Automatic scans: Daily at midnight IST
  • Manual scans: Trigger anytime from dashboard
  • On-demand: After configuration changes

Improving Your Score

The dashboard shows specific recommendations to improve your score:

  • Add DSR submission link to your privacy policy
  • Add grievance redressal link to your privacy policy
  • Configure Data Protection Officer contact
  • Deploy consent banner and verify consent records
  • Complete PII discovery scan on your databases
  • Resolve all DSR requests within SLA