Does DPDP apply to SaaS companies?
Yes—SaaS vendors processing customer, employee, or end-user personal data for Indian clients or users are generally Data Fiduciaries or processors with direct obligations.
Subprocessor chains and cross-border hosting must be mapped.
Enterprise customers will expect DPDP-ready DPAs and security attestations.