India's DPDP Act compliance — solved, not worked around
The Digital Personal Data Protection Act 2023 requires businesses to obtain consent before processing personal data. Most analytics tools — including Google Analytics — set cookies and collect IP addresses, making consent banners mandatory. NeuTarget eliminates this entirely by never collecting personal data in the first place.
Why this matters for your business
NeuTarget is compliant with India's Digital Personal Data Protection Act by design. No cookies, no personal data, no consent banners, no legal overhead.
NeuTarget sets no cookies whatsoever. Under the DPDP Act, no personal data processing means no consent obligation. Your website stays clean, fast, and compliant.
IP addresses are used only for a daily-rotating cryptographic hash (for unique visitor counting) and are never written to disk. There's nothing to leak, breach, or subpoena.
Since NeuTarget never processes personal data on your behalf, most use cases don't require a DPA. Less legal paperwork, fewer compliance costs.
NeuTarget runs on AWS Mumbai (ap-south-1). Your analytics data never leaves Indian borders — no cross-border transfer concerns under DPDP's data localization provisions.
If you serve global visitors, NeuTarget is also compliant with GDPR, ePrivacy Directive, and CCPA. One tool, worldwide compliance.
NeuTarget publishes its complete data collection list transparently. When auditors ask what you track, you have a clear, short answer — no scrambling.
How it works
NeuTarget's tracker script collects only anonymized, non-personal data: page URL, referrer, device type, and load time
Unique visitors are identified by a cryptographic hash of IP + User-Agent + daily salt — the hash resets every 24 hours
Raw IP addresses are never stored in any database or log file
No cookies, localStorage, or sessionStorage are used for tracking purposes
All data is processed and stored on AWS Mumbai servers within India
Frequently asked questions
Is NeuTarget compliant with the DPDP Act 2023?
Yes. NeuTarget doesn't collect, store, or process any personal data as defined under the DPDP Act. This means no consent is required, no Data Protection Officer needs to be notified, and no consent banner is needed.
Do I still need a privacy policy on my site?
Yes — a privacy policy is good practice regardless. But your policy can truthfully state that your analytics tool (NeuTarget) doesn't collect personal data or use cookies.
What about the DPDP Act's data localization requirements?
NeuTarget stores all data on AWS Mumbai (ap-south-1). Analytics data never leaves India. If future DPDP rules mandate data localization for certain categories, NeuTarget is already compliant.
How does NeuTarget compare to Google Analytics under DPDP?
Google Analytics sets cookies, collects IP addresses, and transfers data to US servers — all of which trigger DPDP consent requirements and potential data localization issues. NeuTarget does none of these.
Try it free — live in 2 minutes
Create a free account, paste one script tag, and see dpdp act compliance working on your site immediately.