India’s Digital Personal Data Protection (DPDP) Act is reshaping how companies handle personal data. For SaaS businesses operating in India or serving Indian users, privacy compliance is moving beyond policy documents into everyday operational decisions. This article explores the regulatory trajectory leading to 2026, the expectations emerging around consent, data minimisation, breach preparedness, and contractual accountability, and what SaaS companies must begin preparing f