CRM Core Banking Data Lake API Gateway Vendor S3

DPDPA Compliance · Data Flow Mapping · ROPA

Lightweight data flow mapping.
Built for India's DPDPA.

MithrilMap replaces bloated, expensive compliance platforms with a precise graph-based tool — mapping every data flow across your organisation, generating audit-ready ROPA, and laying the foundation for Data Principal Rights, Consent Management, DPIA, and Breach Management.

Request a Demo See How It Works
ROPA
Auto-generated · Audit Ready
Graph
Neo4j · Nodes + Edges
BYOC
Your Cloud · Your Data

The Problem

Existing tools are built for Europe, not India.

GDPR-era platforms like OneTrust and Collibra cost crores, take months to implement, and were never designed for India's DPDPA framework, RBI mandates, or the operational reality of Indian financial institutions.

⚖️
Not DPDPA Native
Generic tools lack DPDPA-specific fields — lawful basis, cross-border transfer flags, consent artifacts, data principal categories under Indian law.
💸
Prohibitive Cost
Enterprise platforms charge ₹1–5 crore annually. Most Indian banks are paying for features they never use, built for markets they don't operate in.
📊
Manual ROPA
DPO teams maintain ROPA in Excel spreadsheets — error-prone, impossible to keep current, and not audit-ready when the Data Protection Board comes calling.
☁️
SaaS Data Risk
Sending your data topology to a foreign SaaS platform creates the very DPDPA transfer obligations you are trying to document. A compliance contradiction.

The Product

Everything you need. Nothing you don't.

Live Data Flow Graph
CRM Node Core Banking Vendor External Data Lake S3 PII · Consent Cross-border · DPA
01

Visual Graph Mapping of All Data Flows

Every system in your organisation is a node. Every data transfer between them is an edge. Map your entire data ecosystem visually — intranet, internet, third-party vendors, cross-border transfers — on a single interactive canvas.

Attach DPDPA-specific metadata to both nodes and edges: lawful basis, consent status, data categories, retention periods, legal instruments. Fully dynamic — add any field your DPO needs.

Neo4j Graph DB React Flow Canvas Dynamic Properties Cross-border Flags
Auto-generated ROPA Export
System
Data Flow
Lawful Basis
Retention
CRM
→ Core Banking
Consent
180 days
Core Banking
→ Vendor API
Legal Obligation
7 years
Data Lake
→ S3 (US)
Legitimate Use
365 days
API Gateway
→ Analytics
Consent
90 days
↓ Export to Excel
↓ Export to PDF
02

One-click ROPA Generation

Your ROPA is no longer a spreadsheet maintained manually by your DPO. MithrilMap generates your full Record of Processing Activities directly from the live graph — always current, always consistent, always audit-ready.

Export to Excel for regulator submissions. Every processing activity, lawful basis, data category, retention period, and cross-border transfer captured automatically from what you've already mapped.

DPDPA Section 6 Excel Export PDF Export DPB Audit Ready
Maker-Checker Workflow
Analyst drafts new data flow node
DPDPA metadata attached to edge
Submitted for DPO review ← Active
DPO approves — graph updated
Change logged · Audit trail updated
IDAM INTEGRATION
AD Groups → Analyst / Approver / Admin roles
03

Maker-Checker Governance Workflow

No analyst can directly modify your compliance graph. Every change follows a structured maker-checker workflow — draft, submit, review, approve. Full audit trail of who changed what and when.

Integrates with your existing IDAM (Active Directory, LDAP, SAML 2.0, OIDC) — zero new credentials to manage. Roles map directly to your existing AD groups. Deploy in your private cloud, fully within your perimeter.

SAML 2.0 / OIDC Active Directory Full Audit Trail Role-based Access

Product Roadmap

Foundation first. Then everything else.

ROPA and data flow mapping is the graph that every future compliance module builds on. We ship the foundation right before adding complexity.

Phase 01 · MVP
Data Flow Map & ROPA
  • Graph canvas — nodes & edges
  • Dynamic DPDPA metadata
  • Maker-checker workflow
  • ROPA auto-generation
  • Excel / PDF export
  • IDAM / SSO integration
  • Private cloud deployment
Phase 02
DPIA & Risk Assessment
  • DPIA templates linked to graph
  • High-risk processing flags
  • Risk scoring per data flow
  • DPO review workflows
  • Assessment versioning
Phase 03
Consent & Data Principal Rights
  • Consent lifecycle tracking
  • Withdrawal → erasure trigger
  • Data Principal request portal
  • 30-day erasure SLA tracking
  • Consent chain tracing
Phase 04
Breach & Incident Management
  • 72-hour DPB notification
  • Breach linked to affected nodes
  • Incident response workflows
  • Regulatory reporting
  • Post-breach DPIA trigger

About & Contact

Built by someone who has lived this problem.

Anil Rajput
Founder · MithrilMap

MithrilMap was founded by Anil Rajput — IIT Bombay graduate, former Principal Engineer, and Goldman Sachs alumni. With deep firsthand experience inside major Indian financial institutions, Anil built MithrilMap to solve the DPDPA compliance problem that expensive, generic platforms have failed to address.

Visit anilrajput.com →
Work With Us

MithrilMap is currently working with select financial institutions as design partners and early customers. If your team is struggling with DPDPA data flow documentation and ROPA, we would like to hear from you.

contact@anilrajput.com
  • Request a private demo for your compliance team
  • Explore a pilot deployment in your private cloud
  • Partner as a DPDPA auditing or consulting firm
  • Early access for banks and NBFCs