Trust & Safety · Beginner · For everyone · 7 min read

Using AI Safely: Data, Privacy & the DPDP Act

AI agents are useful precisely because they read your customer messages, orders, and documents — which means they touch personal data the moment they go live. India's Digital Personal Data Protection (DPDP) Act, 2023 makes you responsible for that data, even if a model provider does the actual processing. This guide is a plain-English walkthrough for anyone running or buying an agent on WhatsApp, Telegram, email, or in-app chat — no legal background needed.

What your agent actually touches (and why it matters)

Before you can protect data, you have to know what flows through your agent. For a typical support or sales agent on AgentDukaan, that's usually:

Data type             | Examples                                   | Sensitivity
Contact identifiers   | Phone number, WhatsApp ID, email           | Medium — identifies a person
Conversation content  | Complaints, queries, Hinglish chat, photos | Medium-High — may contain anything
Transaction data      | Order IDs, UPI refs, amounts, GST invoices | High — financial
Identity/KYC          | PAN, Aadhaar, address, DOB                 | Very High — avoid unless essential
Operational secrets   | API keys, tokens, webhook URLs             | Critical — not personal data, but a breach multiplier

The reason this matters: under DPDP, the person whose data it is (the "Data Principal") has rights over it, and you (the "Data Fiduciary") carry the duty to handle it lawfully and securely. A customer pasting their card number into a WhatsApp chat doesn't make it your right to store it — it makes it your problem to handle responsibly.

Do today: list every field your agent receives, stores, or forwards. If you can't name why a field is collected, that's a candidate to stop collecting.

DPDP basics for small businesses

You don't need a compliance department. Three ideas cover most of the practical load:

  • Consent must be specific and informed. Vague "by using this you agree to everything" notices don't hold up. Tell people, in clear language (Hindi/English/their language), what you collect and why. For a WhatsApp agent, a first-message notice works: "We use your messages to answer your query and process orders. Reply STOP to opt out."
  • Purpose limitation. Collect data for a stated purpose, use it only for that. Phone numbers collected for order updates can't be quietly repurposed into a marketing blast — that's a separate consent.
  • Retention limits. Don't keep data forever "just in case." When the purpose ends (order delivered, query closed), the clock starts. Decide a retention window per data type and delete on schedule.

The Act also expects you to act on Data Principal rights: access, correction, and erasure ("delete my data"). Have a simple way — even a monitored email — for someone to ask, and a process to actually do it. Children's data (under 18) needs verifiable parental consent, so if your agent might reach minors, be cautious.

Reality check: enforcement and the final Rules are still settling, and this guide isn't legal advice. But the direction is clear, and good hygiene now costs little and saves a lot later.

Sending data to AI models: do and don't

Every prompt you send to a model is a data transfer. Treat the prompt itself as a place where leaks happen.

Do:

  • Minimise. Send the model only what it needs to answer. A refund query needs the order ID and issue, not the customer's full profile.
  • Mask identifiers before sending where you can. Replace a phone number with an alias such as customer_47 and keep the alias-to-number table in your own code. The model never needs the real number, and the same customer should get the same alias for the whole conversation so the agent can still follow the thread.
  • Use providers and settings that don't train on your data, and prefer business/enterprise tiers that offer this contractually.
  • Keep a record of which model/provider sees which data.

Don't:

  • Paste Aadhaar, PAN, full card numbers, CVV, OTPs, or passwords into a prompt. Strip these out — ideally block them at input.
  • Log full prompts containing PII into plaintext files or third-party analytics.
  • Forward customer photos/documents to a model unless the task genuinely requires it.

Here's a redaction instruction you can prepend to any agent's system prompt. Be clear about what it does and doesn't do: by the time the model reads it, the provider has already received the customer's message, so this instruction only stops the model from repeating the data in replies or carrying it into anything it writes. Treat it as a second layer behind filtering in your own code, not as a replacement for it.

Before processing or storing any message, redact the following from
the text you output and from any logs: Aadhaar numbers, PAN, full
debit/credit card numbers, CVV, bank account numbers, OTPs, and
passwords. Replace each with a placeholder like [REDACTED-AADHAAR].
If a customer sends such data, do not repeat it back; instead say:
"For your safety, please don't share that here." Continue helping
with the rest of their request normally.
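The masking and input-side stripping described above, implemented end to end as an added example (this is not code from AgentDukaan or from any agent sold there): card and Aadhaar numbers are redacted only when their Luhn and Verhoeff check digits pass, so order and tracking IDs of the same length stay readable; PAN, CVV and OTP values are replaced outright; phone numbers become stable customer_N aliases with the mapping kept on your side. The same scrub step belongs in front of your log writer, which is the point the logs section later makes. The regular expressions, the Scrubber class and the sample message are assumptions constructed for this example.

```python
"""Scrub a chat message before it reaches a model, a log file, or a spreadsheet.

Added example written for this guide; it is not AgentDukaan code. The patterns
are assumptions based on the public format of each identifier (12-digit Aadhaar
with a Verhoeff check digit, 10-character PAN, Luhn-valid card numbers, Indian
mobile numbers) and should be tuned against your own traffic.
"""
import re

# Verhoeff tables. Aadhaar's last digit is a Verhoeff check digit, so a
# 12-digit number that fails the check is more likely an order or tracking ID.
_D = [[0, 1, 2, 3, 4, 5, 6, 7, 8, 9], [1, 2, 3, 4, 0, 6, 7, 8, 9, 5],
      [2, 3, 4, 0, 1, 7, 8, 9, 5, 6], [3, 4, 0, 1, 2, 8, 9, 5, 6, 7],
      [4, 0, 1, 2, 3, 9, 5, 6, 7, 8], [5, 9, 8, 7, 6, 0, 4, 3, 2, 1],
      [6, 5, 9, 8, 7, 1, 0, 4, 3, 2], [7, 6, 5, 9, 8, 2, 1, 0, 4, 3],
      [8, 7, 6, 5, 9, 3, 2, 1, 0, 4], [9, 8, 7, 6, 5, 4, 3, 2, 1, 0]]
_P = [[0, 1, 2, 3, 4, 5, 6, 7, 8, 9], [1, 5, 7, 6, 2, 8, 3, 0, 9, 4],
      [5, 8, 0, 3, 7, 9, 6, 1, 4, 2], [8, 9, 1, 6, 0, 4, 3, 5, 2, 7],
      [9, 4, 5, 3, 1, 2, 6, 8, 7, 0], [4, 2, 8, 6, 5, 7, 3, 9, 0, 1],
      [2, 7, 9, 3, 8, 0, 6, 4, 1, 5], [7, 0, 4, 6, 9, 1, 3, 2, 5, 8]]


def verhoeff_ok(digits: str) -> bool:
    """True if the last digit is a valid Verhoeff check digit for the rest."""
    c = 0
    for i, ch in enumerate(reversed(digits)):
        c = _D[c][_P[i % 8][int(ch)]]
    return c == 0


def luhn_ok(digits: str) -> bool:
    """Luhn check used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def _digits(m) -> str:
    return re.sub(r"\D", "", m.group(0))


# Order matters: a 16-digit card contains 12-digit runs that look like Aadhaar,
# so cards are handled first. Placeholders contain no digits, so later patterns
# never match text an earlier one has already replaced.
_CARD = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
_AADHAAR = re.compile(r"\b[2-9]\d{3}[ -]?\d{4}[ -]?\d{4}\b")
_PAN = re.compile(r"\b[A-Z]{5}\d{4}[A-Z]\b")
_CVV = re.compile(r"(?i)\b(cvv|cvc)(\W{0,4})(\d{3,4})\b")
_OTP = re.compile(r"(?i)\b(otp)(\W{0,4}(?:is\W{0,3})?)(\d{4,8})\b")
_PHONE = re.compile(r"(?<!\d)(?:\+?91[ -]?|0)?[6-9]\d{4}[ -]?\d{5}\b")


class Scrubber:
    """Redacts secrets outright and swaps phone numbers for stable aliases.

    One instance per conversation keeps the alias table on your side; the model
    only ever sees customer_1, customer_2, ... and never the mapping.
    """

    def __init__(self) -> None:
        self._alias_by_number = {}    # last 10 digits -> alias
        self._original_by_alias = {}  # alias -> number as the customer typed it

    def _alias(self, m) -> str:
        number = _digits(m)[-10:]  # same alias whether typed with +91, 0 or bare
        alias = self._alias_by_number.get(number)
        if alias is None:
            alias = f"customer_{len(self._alias_by_number) + 1}"
            self._alias_by_number[number] = alias
            self._original_by_alias[alias] = m.group(0)
        return alias

    def scrub(self, text: str) -> str:
        """Return text that is safe to send to a model or write to a log."""
        text = _CARD.sub(lambda m: "[REDACTED-CARD]" if luhn_ok(_digits(m)) else m.group(0), text)
        text = _AADHAAR.sub(lambda m: "[REDACTED-AADHAAR]" if verhoeff_ok(_digits(m)) else m.group(0), text)
        text = _PAN.sub("[REDACTED-PAN]", text)
        text = _CVV.sub(r"\1\2[REDACTED-CVV]", text)
        text = _OTP.sub(r"\1\2[REDACTED-OTP]", text)
        return _PHONE.sub(self._alias, text)

    def restore(self, text: str) -> str:
        """Put real numbers back into a model reply, in your own code only."""
        return re.sub(r"\bcustomer_\d+\b",
                      lambda m: self._original_by_alias.get(m.group(0), m.group(0)), text)


# Constructed sample message; every identifier in it is made up.
SAMPLE = ("Hi, order ORD-2024-88731 not delivered. My number is +91 98765 43210, "
          "Aadhaar 2341 2341 2346, PAN ABCDE1234F. Paid with card 4111 1111 1111 1111, "
          "CVV 123. OTP is 482910. Tracking no 123456789012.")

if __name__ == "__main__":
    s = Scrubber()
    print(s.scrub(SAMPLE))
    print(s.restore("Refund for customer_1 is on its way."))
```

The checksum gating is a deliberate trade-off: it keeps 12-digit tracking numbers readable but will leave a mistyped Aadhaar alone, so if that worries you more than over-redaction, drop the verhoeff_ok test and redact every 12-digit run. Call scrub() on inbound text before the provider call and before any log line; call restore() only on the reply inside your own process, never in the prompt.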

For more on writing prompts that behave reliably, see Prompt Engineering for Real Business Tasks.

Securing keys, logs, and PII

A huge share of real-world incidents aren't fancy hacks — they're a leaked API key or a log file full of phone numbers.

  • Keys: never hard-code secrets in source you sell or share. Use environment variables, rotate keys periodically, and use separate keys per environment. If you buy source code on AgentDukaan, regenerate every key before going live. If you sell, ship with placeholder secrets only.
  • Logs: logs are where PII quietly accumulates. Redact before writing, set log retention (e.g. 30 days), and restrict who can read them. Don't pipe raw chat logs into spreadsheets shared on WhatsApp groups.
  • PII at rest: store the minimum, encrypt where you can, and lock down database access. Use role-based access — your part-time helper doesn't need the full customer table.
  • Channels: WhatsApp and Telegram are transport, not vaults. Don't treat a chat thread as your permanent customer record; pull what you need into a controlled store and let the chat age out.
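A pre-ship check for the Keys bullet above, as an added example (not AgentDukaan tooling): it walks source files for assignments to secret-looking variable names and reports any value that is a real literal rather than a placeholder or an environment read, so a seller can run it before listing code and a buyer before going live. The variable-name list, placeholder forms, known key prefixes and the two sample files are assumptions constructed for this example.

```python
"""Pre-ship secret check: find hard-coded credentials in source you sell or deploy.

Added example for this guide, not AgentDukaan tooling. It flags assignments to
secret-looking variable names whose value is a literal rather than a placeholder
or an environment read. The name list, placeholder forms and key prefixes are
assumptions; extend them for the providers you actually use.
"""
import math
import re
from collections import Counter
from pathlib import Path

# Variable names with a secret-ish word at a word start (OPENAI_API_KEY,
# db_password, AWS_ACCESS_KEY_ID) but not incidental ones like monkey_count.
_NAME = (r"(?P<name>[A-Za-z0-9_]*(?<![A-Za-z0-9])"
         r"(?:api_?key|access_?key|private_?key|secret|token|password|passwd)[A-Za-z0-9_]*)")
_ASSIGN = re.compile(
    r"^[ \t]*(?:export\s+)?" + _NAME + r"[ \t]*[=:][ \t]*(?P<q>['\"]?)(?P<value>[^'\"\s#]{6,})(?P=q)",
    re.IGNORECASE | re.MULTILINE,
)
# Values that are fine to ship: obvious placeholders, or code that reads the
# real secret from the environment at runtime.
_PLACEHOLDER = re.compile(
    r"^(?:<[^>]*>|\{\{.*\}\}|your[-_].*|change_?me.*|replace[-_].*|paste[-_].*|x{6,}|\*{6,})$",
    re.IGNORECASE,
)
_ENV_READ = re.compile(r"^(?:os\.environ|os\.getenv|process\.env|getenv\(|\$\{?[A-Za-z_])")
# Well-known public key formats (assumption: the ones most often seen shipped by mistake).
_KNOWN = re.compile(r"^(?:sk-|AKIA[0-9A-Z]{16}|ghp_|xox[abpr]-)")


def entropy(s: str) -> float:
    """Shannon entropy in bits per character."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())


def classify(value: str) -> str:
    """Say why a literal looks like a real secret; every literal is still a finding."""
    if _KNOWN.match(value):
        return "known-key-format"
    if len(value) >= 16 and entropy(value) >= 3.5:
        return "high-entropy"
    return "literal"


def scan_sources(files: dict[str, str]) -> list[tuple[str, int, str, str]]:
    """Return (file, line, variable, reason) for every literal secret found."""
    findings = []
    for path, text in files.items():
        for m in _ASSIGN.finditer(text):
            value = m.group("value")
            if _PLACEHOLDER.match(value) or _ENV_READ.match(value):
                continue
            line = text.count("\n", 0, m.start()) + 1
            findings.append((path, line, m.group("name"), classify(value)))
    return findings


def scan_tree(root: str, suffixes=(".py", ".js", ".ts", ".json", ".yaml", ".yml", ".toml")) -> list:
    """Scan a checkout before you list it for sale, or code you bought before launch."""
    files = {}
    for p in Path(root).rglob("*"):
        if p.is_file() and (p.suffix in suffixes or p.name.startswith(".env")):
            files[str(p)] = p.read_text(errors="replace")
    return scan_sources(files)


# Constructed sample: two files as a seller might ship them. No real keys here;
# AKIAIOSFODNN7EXAMPLE is the example access key ID from AWS documentation.
SAMPLE_FILES = {
    "config.py": (
        'OPENAI_API_KEY = "sk-test-9f8e7d6c5b4a3f2e1d0c9b8a7f6e5d4c"\n'
        'DB_PASSWORD = "YOUR_DB_PASSWORD"\n'
        'WEBHOOK_TOKEN = os.environ["WEBHOOK_TOKEN"]\n'
        'SESSION_SECRET = "development"\n'
        'monkey_count = "1234567890"\n'
    ),
    ".env.example": (
        "TELEGRAM_BOT_TOKEN=<paste-token-here>\n"
        "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n"
        "# TODO: rotate before launch\n"
    ),
}

if __name__ == "__main__":
    for path, line, name, reason in scan_sources(SAMPLE_FILES):
        print(f"{path}:{line}: {name} holds a {reason} value; move it to an environment variable")
```

Any finding, including a plain "literal", is a reason not to ship: a weak development secret that looks harmless is exactly the one a buyer forgets to rotate. Point scan_tree() at the checkout as the last step before listing or deploying, and treat a clean run as a precondition, not a guarantee.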

If you're putting an agent into production, The Production-Ready Agent Checklist covers the operational side alongside this.

Vendor and sub-processor hygiene

When you run an agent, you're rarely alone — there's the model provider, the hosting platform, maybe an SMS/email gateway, and the marketplace. Under DPDP these are your Data Processors, and you stay accountable for them.

  • Keep a short list of every vendor that touches customer data and what they get.
  • Prefer vendors who publish a data-processing stance and a way to delete data.
  • Pick a data region you're comfortable with; know whether data leaves India.
  • When you change vendors, ensure the old one deletes what they held.
  • Buying done-for-you setup or a hosted agent? Ask the seller which sub-processors are involved before you rely on it.

A simple privacy checklist

Run through this before launch and re-check quarterly:

  • I can list every personal-data field my agent collects and why
  • Customers see a clear, plain-language notice about data use
  • I have a stated purpose per field and don't reuse beyond it
  • Retention windows are set and old data is actually deleted
  • PII like Aadhaar/PAN/card numbers is blocked or redacted before reaching the model
  • No secrets are hard-coded; keys are rotated and per-environment
  • Logs are redacted, access-controlled, and time-limited
  • I have a working channel for "access / correct / delete my data" requests
  • I have a list of vendors/sub-processors and what each receives
  • If minors may use the agent, I've considered parental consent

Next steps

  • Run the checklist above against one live or planned agent today and fix the first two gaps you find.
  • Add the redaction prompt to your agent's system prompt and test it with a fake Aadhaar/card number.
  • Write a one-line data notice for your WhatsApp/Telegram first message.
  • When you're ready to launch responsibly, browse privacy-conscious agents at AgentDukaan or, if you build, sell yours at AgentDukaan — and the Help Center is there if a specific data question comes up.

Good privacy isn't a tax on your agent; it's what lets customers trust it enough to keep chatting.
