India's Digital Personal Data Protection Act became law in August 20231. The rules were finalised in November 2025. Enforcement begins November 2026, with penalties of up to ₹250 crore. Yet, most enterprises still manage consent through cookie banners that have no connection to their marketing execution layer. Consent is captured in one system. Marketing campaigns fire from another. Attribution runs on a third. When a user withdraws consent, the marketing stack does not know. When a regulator asks for proof, the evidence is scattered across five tools and three teams.Compass, a marketing infrastructure company, is launching NodGuard to close this gap.It is the consent infrastructure for modern marketing. According to the company, NordGuard captures DPDP-compliant consent in 23 Indian languages, enforces consent state across every outbound channel (email, SMS, WhatsApp, CRM, CDP, Conversion APIs) at the point of dispatch, enables consent-verified attribution, and generates tamper-proof audit evidence exportable in one click."The question every CMO should be asking their team right now is: what is our consent rate?" said Adittya Joshi, Co-founder of Compass. "Not whether there’s a cookie banner. Not whether legal signed off on the privacy policy. What percentage of marketing decisions are backed by documented, enforceable, auditable consent? That number determines the quality of every data-driven decision made."How NodGuard worksNodGuard operates on four pillars, which the company calls CORE.Consent captures and persists user consent across sessions and devices, supporting all 23 scheduled languages under Indian law. Consent state is stored persistently at the device level, which is classified as a legitimate operational necessity under DPDP.Orchestration enforces consent across the full marketing stack. When a user withdraws consent, NodGuard blocks non-consented data from reaching downstream platforms within milliseconds. The default behavior on any system failure is to block, never to allow.Resolution enables marketing teams to run attribution on consent-verified data only. The product supports four attribution models, giving CMOs clean measurement without compliance exposure.Evidence generates a tamper-proof audit ledger. Every consent event, every enforcement decision, every lifecycle change is logged immutably. The full audit trail is exportable in one click for DPBI submissions.Deployment and architectureNodGuard is designed to wrap existing marketing stacks rather than replace them. Deployment takes 30 minutes and does not require changes to existing tag management, CRM, or advertising configurations, according to the company. The product runs on India-hosted infrastructure with enterprise-grade security."We built NodGuard for the CTO who needs to sleep at night knowing that a consent withdrawal at 2 AM does not result in a marketing email at 2:01 AM," said Gayathri Maalige, founder of Compass. "And for the DPO who needs to hand a regulator a complete audit trail, not a folder of screenshots."References: https://www.indiacode.nic.in/handle/123456789/22037Disclaimer: The above content is non-editorial, and TIL hereby disclaims any and all warranties, expressed or implied, relating to it, and does not guarantee, vouch for or necessarily endorse any of the content.
Compass launches NodGuard: Consent infrastructure that connects compliance to marketing performance - The Economic Times
India's new data protection law, effective November 2026, mandates robust consent management. Many businesses struggle with fragmented systems, risking hefty fines. Compass launches NodGuard, a consent infrastructure designed to integrate with existing marketing tools. It ensures DPDP compliance by capturing, enforcing, and auditing user consent across all outbound channels, providing CMOs with verifiable data for marketing decisions and DPOs with tamper-proof audit trails.







