Sanad · Compliance infrastructure for India
सनद — हर अनुपालन का प्रमाणिक रिकॉर्ड।
DPDP 2025 and CERT-In evidence on a single platform. Ed25519 signatures rooted in TPM 2.0, per-tenant SHA-256 hash chain — verifiable offline by any auditor without trust in our servers. Indian-domiciled, Indian-patented, Indian-funded.
Who uses Sanad
State administrations
Multi-tenant oversight across schools, MSMEs, clinics, hospitals — all in your jurisdiction. Bulk CSV onboarding, signed quarterly reports, GeM-procurement-ready.
Pilots ₹15–50L (one-time) · Verify API ₹2–₹2,000 per call
See live demo →
SDFs · fintech · AI · SaaS
Significant Data Fiduciaries and growth-stage SaaS that handle personal data. Full DPDP toolchain — consent, rights, incidents, DPIA, RoPA, vendor DPAs, breach playbook.
From ₹49,000 / year (SaaS) to ₹49,000 / month (SDF)
Start free audit →
School · MSME · clinic · hospital
Provisioned by your district or state administration as sub-tenants. Pre-loaded sector-specific policies, lightweight UX, parental-consent (DPDP §9) flow first-class for schools.
From ₹40,000 / year — typically paid by your Authority
Activation help →
What’s inside
DPDP §6 · §7
Granular purpose-bound consent capture with revocation, audit trail, and per-tenant Ed25519 signature on every receipt.
DPDP §11–§14
Access, correction, erasure and grievance flows wired to your DPO inbox. SLA-tracked, evidence-stamped.
DPDP §8(6) · CERT-In Dir. 12
6-hour CERT-In window and 72-hour DPB notification playbook with one-click filing, log preservation and chain-of-custody.
DPDP §10 · §11
Sector-specific DPIA templates, processing register, and signed Data Processing Agreements with every sub-processor.
CERT-In Dir. 1–17
TPM-anchored Windows agent. Continuous evidence collection for 7 automated CERT-In directives (logs, clock, patches, encryption, inventory, prohibited software, EDR posture).
Public API
Cryptographically signed compliance state for any tenant. Insurers, lenders, district administrations and auditors can verify offline without trusting our servers.
Read more →
How Sanad works
01
Sentinel agent and in-app workflows capture DPDP & CERT-In evidence at the point of action — no manual log copy-pasting.
02
Per-tenant Ed25519 signs every event. BEFORE-INSERT trigger writes it into a SHA-256 hash chain. Any auditor can replay from genesis and detect a single bit of tampering.
03
Auditors, insurers, district administrations verify with three open-source SDKs — no account, no API call, no trust in our servers.
Built on
Sanad is built by COGNOSHIFT PRIVATE LIMITED — a DPIIT-recognised Haryana-domiciled startup with four provisional patents in regulatory compliance technology. Every byte of customer data, signing key, and audit log sits in India.
Next step
Pick the door that fits — state administration, SaaS, or sub-tenant — and we’ll route you to the right onboarding flow.