Consent
$9/mo
- Per-purpose consent ledger with §8(2) append-only audit proof
- Consent events captured Wix to CMS via signed webhooks
- Cookie and tracker gating (TAG_OVERRIDE enforcement)
- Analytics and advertising scripts blocked until consent
India DPDP Act 2023 · Wix App
DPDPA.support turns any Wix site into a compliant data fiduciary under India's Digital Personal Data Protection Act, 2023 — a per-purpose consent ledger, cookie and tracker gating, data-principal self-service, and a DPO console. Far more than a cookie banner.
Self-hosted · Multi-tenant · Billed securely via Wix
The DPDP Rules 2025 are notified and the Data Protection Board of India is constituted. Two statutory dates now bind every business handling personal data on a Wix site: 13 November 2026, when Consent Manager integration becomes mandatory under Rule 4, and 13 May 2027, when all substantive obligations land — lawful consent, breach reporting, data-principal rights, and security safeguards. These are deadlines, not promotions, and the work of mapping your data, capturing per-purpose consent with proof, and honouring erasure takes time. DPDPA.support gets your site standing on the right side of both — one install, not a legal project.
Rule 4 · Consent Manager integration
13 November 2026
All substantive obligations
13 May 2027
Install DPDPA.support from the Wix App Market. Onboarding reads your site, then asks for just two things: your fiduciary legal name and your DPO email. One click provisions your tenant in the multi-tenant TSI CMS — fiduciary record, app, API keys, and a published policy, with every secret stored in OpenBao per instance, never in code or the browser. From that moment, consent events flow from Wix to the CMS over signed webhooks, your data principals manage everything at your-site/my-data, and withdrawals push back from the CMS to Wix so marketing actually stops. The platform stays self-hosted on our infrastructure; you stay in Wix.
One click from the Wix App Market.
Tenant, API keys & published policy — secrets in OpenBao.
Events flow Wix → CMS over signed webhooks.
Principals self-serve at your-site/my-data.
Grievances, erasure queue & RoPA in one console.
Every consent decision is recorded per purpose with proof of who, what, when, and how — an append-only audit trail built for §8(2) accountability. Consent events flow Wix to CMS via signed webhooks into the TSI CMS, which is your system of record. Webhook envelopes are persisted to an append-only audit store, so when the Board or an auditor asks, the answer is a record, not a recollection.
Analytics and advertising scripts do not fire until the data principal consents. DPDPA.support enforces this through Wix TAG_OVERRIDE: trackers are gated, not just hidden behind a banner. On a real tenant we verified four overrides created and seven trackers gated across analytics and advertising, with re-runs creating zero duplicates. Provisioning auto-enforces gating for new tenants, and the setup page gives you a tracker report plus one-click enforcement.
At your-site/my-data, members are auto-resolved from their Wix identity — no email is ever typed. An OTP step-up confirms identity to that inbox only, the dashboard is tenant-themed, and consent is exposed as per-purpose toggles, both grouped and individual, with accept-all and decline-all. Manage-anytime is built in, and the experience ships in English and Hindi. It is the front door to every right your principals hold.
My Data · आपका डेटा
One click produces a §11 access and portability report spanning eleven Wix data sources — contacts, members, marketing consent, email subscriptions, orders, bookings, form submissions, inbox, invoices, loyalty, and reviews, downloadable as JSON. For §12 erasure, processing stops instantly: consents withdrawn, Wix marketing consent revoked, email subscriptions cancelled, marketing labels stripped. Records then freeze under a documented §8(7) legal hold and auto-purge with proof when the retention clock expires. Withdrawal is two-way — it pushes from the CMS back to Wix so marketing genuinely stops and the contact is unsubscribed.
Your Data Protection Officer gets a real console: a grievance respond-and-action flow for §13, an erasure queue, and principal lookup. Grievances, corrections, and portability requests can be filed and resolved in one place, with consent receipts firing as automation events on grant, withdrawal, and erasure — proven delivering from a tenant's own domain.
Respond & action (§13)
§12 with §8(7) hold
Find any data principal
DPDPA.support can auto-discover where personal data lives across your Wix site, classify it, and auto-map it to DPDP purposes and a Record of Processing Activities — ready for DPB export and breach-scoping. It is the difference between hoping you know your data flows and being able to show them.
On the Intelligence tier, Nexus uses your own LLM key (BYO-key) to power classification — your data, your model, your control. Compass adds GRC posture so you can see where you stand. These are the depth differentiators for fiduciaries who want intelligence on top of compliance, without handing their data to someone else's model.
DPDPA.support is self-hosted and multi-tenant: every tenant's secrets live in OpenBao per instance, sessions are tenant-bound so one site's session is invalid on every other, tenant isolation is enforced fail-closed, and webhooks are verified with RS256 signatures. Errors are tenant-voiced with no infrastructure leakage. Built and operated by CynorSense Solutions Pvt. Ltd., Hyderabad, India, the system of record is the multi-tenant TSI DPDP CMS with an append-only audit store. To be precise about roles: this is the fiduciary's own compliance platform — a consent management platform, not a Board-registered Consent Manager.
Pick the tier that matches your obligations. Every plan is billed securely via Wix, monthly, with no setup fees and no contracts. Prices shown in USD with an INR toggle. Start with consent capture and grow into full DPO tooling and AI-assisted classification as your compliance programme matures.
$9/mo
$19/mo
$39/mo
$79/mo
Monthly pricing, billed securely via Wix. USD / INR toggle at ~83 INR per USD. Transparent pricing, no setup fees, no contracts.
Straight answers on the deadlines, what a consent management platform is (and isn't), whether this is more than a cookie banner, self-hosting and tenant isolation, languages, billing, and how erasure works under legal hold.
The 13 May 2027 deadline does not move. Install DPDPA.support on your Wix site, complete a two-field onboarding, and start capturing consent with proof today. Prefer a walkthrough first? Book a demo and we'll show you the full flow on a test site.