Skip to content
checkDPDP
Scan

Guide

Meet Suraksha — checkDPDP's DPDP Act AI assistant (now with a full-page chat)

Suraksha is checkDPDP's India-trained DPDP Act AI assistant. Ask anything about the Act 2023 or Rules 2025 — Section 5 notices, consent banners, breach reporting, your rights — and get Section-grade answers in plain English. Now upgraded with a full-page ChatGPT-style UI at /suraksha.

24 Jun 2026 · 6 min read

Suraksha is the AI assistant baked into every page of checkDPDP. She answers DPDP-specific questions — consent banners, Section 5 notices, breach reporting, Data Principal rights, Significant Data Fiduciary obligations, cross-border transfers, children's data, penalty math — in plain English, with the relevant Section cited. She refuses everything else, on purpose, because a focused assistant gives better answers than a generalist one.

**Two ways to use Suraksha.** First, the floating widget that sits in the bottom-right corner of every checkDPDP page. Click it to open a compact chat panel, type a question, get an answer. Second, the new full-page UI at [/suraksha](/suraksha). It's a ChatGPT-style layout with a wide column, prompt starters, full message history and a 'Talk to a human' jump to [/dpdp-connect](/dpdp-connect) when you need more than the assistant can give. The floating widget has an expand icon in its header that jumps to the full-page version with one click.

**What Suraksha actually knows.** Every section of the DPDP Act 2023 from Section 1 to Section 44. The DPDP Rules 2025 as notified by MeitY on 13–14 November 2025. The 10-category framework the [scanner](/scan) uses. The full checkDPDP tools catalogue and what each tool fixes. The current top India-headquartered consent managers ranked daily at [/consent-managers](/consent-managers). The five Data Principal rights at Sections 11–14 and how to exercise them. The Section 33(2) penalty-math framework. The 72-hour breach-notification window and the parallel notice to affected Data Principals.

**What Suraksha will refuse.** General coding questions unrelated to DPDP. Jokes, recipes, weather, sports. Other Indian laws (tax, IPC, contract law) unless you're comparing them to the DPDP Act. Personal opinions and political questions. The refusal is one sentence — Suraksha doesn't lecture, doesn't add disclaimers, doesn't try to be helpful out of scope. The point is to keep every conversation high-signal.

**The routing rule.** This is the bit that makes Suraksha actually useful in production. When you ask Suraksha a question, she's been instructed to route you to the right next action based on intent. If you want an INSTANT score you can act on yourself, she sends you to [/scan](/scan). If you want a FULL AUDIT with admin-dashboard credentials, she sends you to [/free-audit](/free-audit). If you want a WRITTEN REPLY from a human specialist on a specific question, she sends you to [/dpdp-connect](/dpdp-connect). If you want to keep chatting in a roomier UI, she sends you to [/suraksha](/suraksha). Every routing recommendation comes with a one-line 'Why this:' rationale so you know why she picked it.

**How the answers stay grounded.** Suraksha is grounded in a structured knowledge base that lives at [src/lib/chatbot/knowledge.ts](https://github.com/) and refreshes whenever we ship a new tool, page or blog post. That knowledge base names every page on the site so Suraksha never invents URLs (a real failure mode in generalist chatbots). It encodes the routing rule, the DPDP scope, the refusal rule, and the editorial style we use across the site so her replies match our voice. The underlying model is Mistral with a key pool that lets us stay on the free tier for the volume we currently serve.

**Privacy of the conversation.** Suraksha is gated behind the cookie banner — until you've made a consent decision, the chat widget doesn't even render. Every message you send is stored with a session ID (not your identity) so we can detect popular questions and add them to our content roadmap. After the first two messages we ask for your email to unlock detailed answers — that's how we sustain the free tier. You can withdraw consent at any time at [/consent](/consent) and your record will be erased; we respond to erasure requests within 30 days.

**What Suraksha cannot do (and won't pretend to).** Suraksha is not a lawyer. For specific compliance decisions — a Section 9 question about your edtech's age-gate, a Section 16 question about your AWS region selection, a real breach in progress — you need a qualified DPDP DPO and ideally an India-resident lawyer. Suraksha will tell you this explicitly and link you to [/dpdp-connect](/dpdp-connect) or [/find-grievance-officer](/find-grievance-officer) for the human-loop step.

**Try it now.** [Open the full-page Suraksha at /suraksha](/suraksha) and try one of the prompt starters. Or click the floating widget on any page and ask whatever's on your mind. The first two messages are free with no email; after that, share your email and Suraksha unlocks the longer, link-rich answers that walk you through the exact pages and tools to use next. If at any point you'd rather talk to a human, every Suraksha response includes a 'Talk to a human' jump to [/dpdp-connect](/dpdp-connect) where a real specialist replies within 1 business day.

Note. Guidance, not legal advice. For specific compliance decisions, please consult a qualified data-protection lawyer.

← All posts