Consent Management
Per DPDP §6, your consent must be free, specific, informed, unconditional, unambiguous, and as easy to withdraw as to grant. Here is how we operationalise that.
The 6 conditions DPDP §6(1) imposes
- Free. No service is conditioned on irrelevant consent.
- Specific. Each consent grant names exactly one purpose.
- Informed. The purpose, retention, and any sharing are disclosed at the point of consent.
- Unconditional. No "accept all or leave" prompt.
- Unambiguous. A clear affirmative action — never a pre-ticked checkbox or implicit acceptance.
- Indication by clear affirmative action. Click, tap, signature, or equivalent.
Withdrawal must be as easy as grant (§6(5))
Once logged in, you can view every consent you have granted and revoke any in one click. Withdrawal takes effect immediately; we do not require a "reason for withdrawal" or impose any friction. Processing that relied on the withdrawn consent stops at once; data that cannot be retained under any other lawful basis is erased within the SLA in our privacy policy.
Your current consents
Visit /apply (login required) to view and manage your active consent grants. You will see, for each:
- What purpose it covers
- When it was granted
- What data category it authorises
- A one-click revoke button
Consent log integrity
Maitro records explicit application consents for data processing, NDA acknowledgement, and conflict-scan authorization with the application record and operator audit trail. Withdrawal or rights requests route through /trust/dsr and privacy@maitro.tech.
If consent was obtained improperly
If you believe consent was obtained in violation of DPDP §6 (e.g. pre-ticked, dark-patterned, unclear purpose), contact the Grievance Officer at privacy@maitro.tech. We will investigate and, if confirmed, erase the affected data and update our flows.
Children's consent (DPDP §9)
Consent for individuals under 18 requires verified guardian consent. See /trust/under-18 for the verified flow.