A system and method for unified consent-based access controlled data flow in digital supply chain
The system addresses the challenge of fragmented data flow in digital supply chains by implementing unified consent-based access control with contextual rules and privacy threat modeling, ensuring transparent and compliant data handling across complex ecosystems.
Patent Information
- Authority / Receiving Office: WO
- Patent Type: Applications
- Current Assignee / Owner: PRIVASAPIEN TECH PTE LTD
- Filing Date: 2025-12-18
- Publication Date: 2026-06-25
AI Technical Summary
Existing digital supply chain frameworks lack a unified, adaptive, and interoperable mechanism for ensuring controlled, transparent, and compliant data flow across complex ecosystems, often relying on siloed architectures, static policies, and centralized consent registries that introduce single-point dependencies and lack contextual linkage.
A system and method for unified consent-based access control that captures user permissions with granular preference details, evaluates potential risks, and ensures continuous oversight through structured lifecycle documentation, using contextual rules and privacy threat modeling to embed safeguards across interconnected processing points.
Enables transparent and compliant data handling by ensuring adherence to user choices and regulatory obligations, maintaining confidentiality and regulatory compliance through encryption, anonymization, and secure multi-party compute, while providing real-time visibility and auditability.
Abstract
Description
[0001] A SYSTEM AND METHOD FOR UNIFIED CONSENT-BASED ACCESS CONTROLLED DATA FLOW IN DIGITAL SUPPLY CHAIN
[0002] EARLIEST PRIORITY DATE:
[0003] This Application claims priority from a Provisional patent application filed in India having Patent Application No. 202441101488, filed on December 20, 2024, and titled “A SYSTEM AND METHOD FOR UNIFIED CONSENT BASED CONTROLLED DATA FLOW IN DIGITAL SUPPLY CHAIN”.
[0004] FIELD OF INVENTION
[0005] Embodiments of the present disclosure relate to the field of data handling frameworks that utilize an integrated, authorization-driven approach across digitally connected ecosystems to oversee the flow of information, and more particularly to a system and method for unified consent-based access controlled data flow in a digital supply chain.
[0006] BACKGROUND
[0007] In a modern digital supply chain environment, data flow refers to the continuous exchange, processing, and movement of information across interconnected platforms, services, and operational entities. With the rise of automation, distributed computing, and cross-platform integrations, the need for structured data flow emerged to support seamless coordination, real-time visibility, and efficient decision-making across diverse systems. As these environments expanded, there was a significant need to ensure that information moves reliably and coherently. These preventive measures form an essential pillar for maintaining smooth ecosystem-wide operations and enable large-scale digital interactions.
[0008] Existing systems for regulated data flow in digital ecosystems predominantly rely on predefined rulesets, standardized protocols, and governance frameworks designed to monitor and control how information moves between components. These include policy-based access control, distributed ledger mechanisms, federated identity systems, audit-driven monitoring, and risk-based authorization models that determine permissible exchanges of data. Some frameworks also incorporate centralized consent registries, wherein approvals or preferences are logged and referenced to validate certain data interactions, though these often operate as isolated checkpoints rather than fully integrated controls across the entire ecosystem.
[0009] Despite significant advancement, the existing frameworks exhibit prominent limitations, particularly in their fragmented implementation across multiple components of a digital supply chain. Additionally, many existing frameworks rely heavily on siloed architectures, static policies, or manual configuration processes, thereby resulting in inconsistent oversight when data traverses interconnected systems. Furthermore, centralized consent registries introduce shortcomings of their own, such as single-point dependency, lack of contextual linkage throughout the entire data lifecycle, and limited adaptability to dynamic processing environments.
[0010] Moreover, the existing systems suffer from inadequate visibility into end-to-end information pathways, insufficient mechanisms to correlate authorization conditions with downstream processing, and the absence of cohesive structures that unify validation, monitoring, risk evaluation, and regulatory assurance. As a result, existing systems often fail to offer a holistic, adaptive, and interoperable mechanism capable of ensuring controlled, transparent, and compliant data flow across complex digital supply chain ecosystems.
[0011] Hence, there is a need for an improved system and method for unified consent-based access controlled data flow in a digital supply chain which addresses the aforementioned issue(s).
OBJECTIVES OF THE INVENTION
[0012] The primary objective of the invention is to establish a unified framework that governs user authorizations and data interactions across a digital supply chain in a structured and transparent manner. The system aims to enable individuals to exercise their data privacy and data subject rights through an accessible interface where requests can be raised, reviewed, or withdrawn as needed. Further, the system ensures that each approval is digitally acknowledged and securely registered, forming the basis for controlled downstream processing. This creates a traceable and verifiable environment for overseeing how user information enters and moves within organizational operations.
[0013] Another objective of the invention is to provide a systematic approach for capturing user permissions with granular preference details and linking them with subsequent processing conditions. The proposed system seeks to embed contextual rules that shape how data may be used, shared, or stored in alignment with declared user choices. Additionally, the system is adapted to evaluate potential risks associated with intended operations before data handling begins, enabling proactive identification of sensitive points. This allows the digital ecosystem to operate with built-in safeguards that remain consistent across interconnected processing points.
[0014] Yet another objective of the invention is to ensure continuous oversight of information processing activities through structured lifecycle documentation. The system supports user-initiated actions such as access, correction, or deletion through a standardized form-based mechanism that respects individual participation rights. It further maintains transparency by providing visibility into each organizational activity involving user information. This ensures accountability in how data is treated throughout its operational journey.
[0015] Yet another objective of the invention is to unify authorization conditions, data flow pathways, and compliance requirements into an integrated structure capable of ensuring controlled information movement. The system applies data protection impact assessment processes to evaluate potential privacy risks before operations begin and utilizes privacy threat modelling to identify potential vulnerabilities across the digital supply chain. The system tracks how information propagates after approval to ensure alignment with user choices and regulatory obligations. Additionally, a plurality of mathematical and computational assurance mechanisms are employed to validate compliance across all stages of data processing.
[0016] SUMMARY
[0017] In accordance with an embodiment of the present disclosure, a system for unified consent-based access controlled data flow in digital supply chain is disclosed. The system includes a processor, a memory coupled to the processor, wherein the memory includes instructions that when executed by the processor cause the processor to obtain a user consent prior to initiation of a data collection operation, wherein the user consent is being captured in correspondence with a plurality of contextual parameters comprising time, source, and purpose of a consent. Additionally, the processor is caused to record a plurality of consent in a structured data repository configured to maintain a traceable record, wherein each recorded consent entry is adapted to enable an authorization validation for subsequent data processing activities and uniquely indexed for retrieval in course of a data access. Furthermore, the processor is caused to generate a consent reference corresponding to the plurality of recorded consent by creating a distinct consent identifier adapted to represent a user-specific data usage preferences, wherein the consent reference is maintained in association with a recorded consent entry to ensure a traceability across subsequent data operation. Moreover, the processor is caused to regulate a data flow in accordance with the consent reference by controlling access, transmission, and processing of a user data within a digital supply chain environment, wherein the regulated flow ensures adherence to a plurality of stored consent preferences. Moreover, the processor is caused to evaluate privacy risks prior to initiation of a data processing operation by analysing attributes of at least one of a data category, processing purposes, and recipient entities, wherein an evaluation result is adapted to identify a plurality of potential vulnerabilities associated with a corresponding mitigation measure. 
Moreover, the processor is caused to assess the plurality of identified potential vulnerabilities by determining an impact severity and establish a protection control corresponding to each of the plurality of identified potential vulnerability to govern continuation of the data processing operation in accordance with the impact severity. Moreover, the processor is caused to analyse the data flow paths across a plurality of communicatively coupled processing environments to identify a plurality of exposure points associated with a sensitive data. Moreover, the processor is caused to establish a secure data transfer route configured to control transmission among the communicatively coupled processing environments, wherein the secure data transfer routes are defined in accordance with an assigned protection requirement based on at least one of a data requestor role, data protection impact assessment approval, business processes and logic to establish a consent based access control and prevent an unauthorized access in course of a data exchange. Moreover, the processor is caused to apply a plurality of privacy-preserving controls in course of a consent-based access control of data handling by executing at least one of a protection technique comprising an encryption, anonymization, secure multi-party compute, zero knowledge use and masking of the sensitive data, thereby aligning the privacy-preserving controls with an evaluated threat level to maintain a confidentiality and a regulatory compliance of the data processing operation. Moreover, the processor is caused to maintain a record of processing activities by documenting a plurality of operational details comprising at least one of a nature, purpose, category, and recipient of a processed data, wherein the record is being stored in a retrievable format to allow a verification and audit of a data handling consistency.
Moreover, the processor is caused to link a user-initiated request for at least one of an access, a correction, deletion, and withdrawal of the user consent to the corresponding recorded processing activity, wherein each request is correlated with a predefined consent reference and an operational metadata to enable a controlled and auditable execution of a data-subject operation. Moreover, the processor is caused to monitor an execution of a data deletion operation corresponding to an authorized user-initiated request and verify an irreversible and secure erasure of an associated personal data upon completion of the data deletion operation. Moreover, the processor is caused to generate verifiable compliance proofs by applying at least one of a mathematical, cryptographic, and computational model configured to validate an adherence of an executed data processing operation to a plurality of regulatory requirements, thereby providing an auditable evidence of conformity. Moreover, the processor is caused to present an integrated operational interface configured to consolidate at least one of a consent, protection, and compliance outputs, thereby providing a unified visualization of the ongoing data flow, applied safeguards, and compliance verification in a real time based on a changing consent of a user.
[0018] In accordance with an embodiment of the present disclosure, a method for unified consent-based access controlled data flow in digital supply chain is disclosed. The method includes obtaining, by utilizing a plurality of contextual parameters comprising time, source, and purpose of a consent, a user consent prior to initiation of a data collection operation. Additionally, the method includes recording, by an authorization validation, a plurality of consent in a structured data repository configured to maintain a traceable record, wherein each recorded consent entry is adapted to enable subsequent data processing activities and uniquely indexed for retrieval in course of a data access. Furthermore, the method includes generating, by the plurality of recorded consent, a consent reference corresponding to create a distinct consent identifier adapted to represent a user-specific data usage preferences, wherein the consent reference is maintained in association with a recorded consent entry to ensure a traceability across subsequent data operation. Moreover, the method includes regulating, by controlling access, transmission, and processing of a user data within a digital supply chain environment, a data flow in accordance with the consent reference, wherein the regulated flow ensures adherence to a plurality of stored consent preferences. Moreover, the method includes evaluating, by analysing attributes of at least one of a data category, processing purposes, and recipient entities, privacy risks prior to initiation of a data processing operation, wherein an evaluation result is adapted to identify a plurality of potential vulnerabilities associated with a corresponding mitigation measure.
Moreover, the method includes assessing, by determining an impact severity, the plurality of identified potential vulnerabilities and establishing a protection control corresponding to each of the plurality of identified vulnerability to govern continuation of the data processing operation in accordance with the impact severity. Moreover, the method includes analysing, by an evaluation of dataflow paths across a plurality of communicatively coupled processing environments, a plurality of exposure points associated with sensitive data. Moreover, the method includes establishing, by defining a secure data-transfer route configured to control transmission among the communicatively coupled processing environments, a consent-based access control and prevent unauthorized access during data exchange, wherein the secure data-transfer route is being defined in accordance with an assigned protection requirement based on at least one of a data-requestor role, a data-protection-impact-assessment approval, business processes, and logic. Moreover, the method includes applying, by executing at least one of a protection technique, a plurality of privacy-preserving controls in course of a consent based access control of data handling, wherein the protection technique comprises at least one of an encryption, anonymization, secure multi-party compute, zero knowledge use and masking of the sensitive data, thereby aligning the privacy-preserving controls with an evaluated threat level to maintain a confidentiality and a regulatory compliance of the data processing operation. Moreover, the method includes maintaining, by documenting a plurality of operational details comprising at least one of a nature, purpose, category, and recipient of a processed data, a record of processing activities, wherein the record is being stored in a retrievable format to allow a verification and audit of a data handling consistency.
Moreover, the method includes linking, by the recorded processing activity, a user-initiated request for at least one of an access, a correction, deletion, and withdrawal of the user consent, wherein each request is correlated with a predefined consent reference and an operational metadata to enable a controlled and auditable execution of a data-subject operation. Moreover, the method includes monitoring, an execution of a data-deletion operation corresponding to an authorized user-initiated request, an irreversible and secure erasure of associated personal data upon completion of the data-deletion operation. Moreover, the method includes generating, by applying at least one of a mathematical, cryptographic and computational model, verifiable compliance proofs, wherein the mathematical, cryptographic and computational model are configured to validate an adherence of an executed data processing operation to a plurality of regulatory requirements, thereby providing an auditable evidence of conformity. Moreover, the method includes presenting, by consolidation of at least one of consent, protection, and compliance outputs in an integrated operational interface, a unified visualization of ongoing data flow, applied safeguards, and real-time compliance verification based on a changing consent of a user.
[0019] To further clarify the advantages and features of the present disclosure, a more particular description of the disclosure will follow by reference to specific embodiments thereof, which are illustrated in the appended figures. It is to be appreciated that these figures depict only typical embodiments of the disclosure and are therefore not to be considered limiting in scope. The disclosure will be described and explained with additional specificity and detail with the appended figures.
[0020] BRIEF DESCRIPTION OF THE DRAWINGS
[0021] The disclosure will be described and explained with additional specificity and detail with the accompanying figures in which:
[0022] FIG. 1 illustrates a network environment for a system for unified consent-based access controlled data flow in digital supply chain in accordance with an embodiment of the present disclosure;
[0023] FIG. 2 illustrates a schematic diagram of a user device of FIG. 1, in accordance with an example implementation of the present subject matter;
FIG. 3 illustrates a schematic diagram of the system for unified consent-based access controlled data flow in digital supply chain of FIG. 1, in accordance with an embodiment of the present disclosure;
[0024] FIG. 4 illustrates a flow diagram of the data flow in the system for unified consent-based access controlled data flow in digital supply chain of FIG. 1, in accordance with an embodiment of the present disclosure;
[0025] FIG. 5 (a) is a flow chart representing the steps involved in a method for unified consent-based access controlled data flow in digital supply chain in accordance with an embodiment of the present disclosure; and
[0026] FIG. 5 (b) illustrates continued steps of the method of FIG. 5 (a) in accordance with an embodiment of the present disclosure.
[0027] Further, those skilled in the art will appreciate that elements in the figures are illustrated for simplicity and may not have necessarily been drawn to scale. Furthermore, in terms of the construction of the device, one or more components of the device may have been represented in the figures by conventional symbols, and the figures may show only those specific details that are pertinent to understanding the embodiments of the present disclosure so as not to obscure the figures with details that will be readily apparent to those skilled in the art having the benefit of the description herein.
[0028] DETAILED DESCRIPTION
[0029] For the purpose of promoting an understanding of the principles of the disclosure, reference will now be made to the embodiment illustrated in the figures and specific language will be used to describe them. It will nevertheless be understood that no limitation of the scope of the disclosure is thereby intended. Such alterations and further modifications in the illustrated system, and such further applications of the principles of the disclosure as would normally occur to those skilled in the art are to be construed as being within the scope of the present disclosure.
[0030] The terms “comprises”, “comprising”, or any other variations thereof, are intended to cover a non-exclusive inclusion, such that a process or method that comprises a list of steps does not include only those steps but may include other steps not expressly listed or inherent to such a process or method. Similarly, one or more devices or subsystems or elements or structures or components preceded by "comprises... a" does not, without more constraints, preclude the existence of other devices, sub-systems, elements, structures, components, additional devices, additional sub-systems, additional elements, additional structures or additional components. Appearances of the phrase "in an embodiment", "in another embodiment" and similar language throughout this specification may, but not necessarily do, all refer to the same embodiment.
[0031] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by those skilled in the art to which this disclosure belongs. The system, methods, and examples provided herein are only illustrative and not intended to be limiting.
[0032] In the following specification and the claims, reference will be made to a number of terms, which shall be defined to have the following meanings. The singular forms “a”, “an”, and “the” include plural references unless the context clearly dictates otherwise.
[0033] A system for unified consent-based access controlled data flow in digital supply chain is disclosed. The system includes a processor, a memory coupled to the processor, wherein the memory includes instructions that when executed by the processor cause the processor to obtain a user consent prior to initiation of a data collection operation, wherein the user consent is being captured in correspondence with a plurality of contextual parameters comprising time, source, and purpose of a consent. Additionally, the processor is caused to record a plurality of consent in a structured data repository configured to maintain a traceable record, wherein each recorded consent entry is adapted to enable an authorization validation for subsequent data processing activities and uniquely indexed for retrieval in course of a data access. Furthermore, the processor is caused to generate a consent reference corresponding to the plurality of recorded consent by creating a distinct consent identifier adapted to represent a user-specific data usage preferences, wherein the consent reference is maintained in association with a recorded consent entry to ensure a traceability across subsequent data operation. Moreover, the processor is caused to regulate a data flow in accordance with the consent reference by controlling access, transmission, and processing of a user data within a digital supply chain environment, wherein the regulated flow ensures adherence to a plurality of stored consent preferences. Moreover, the processor is caused to evaluate privacy risks prior to initiation of a data processing operation by analysing attributes of at least one of a data category, processing purposes, and recipient entities, wherein an evaluation result is adapted to identify a plurality of potential vulnerabilities associated with a corresponding mitigation measure. 
Moreover, the processor is caused to assess the plurality of identified potential vulnerabilities by determining an impact severity and establish a protection control corresponding to each of the plurality of identified potential vulnerability to govern continuation of the data processing operation in accordance with the impact severity. Moreover, the processor is caused to analyse the data flow paths across a plurality of communicatively coupled processing environments to identify a plurality of exposure points associated with a sensitive data. Moreover, the processor is caused to establish a secure data transfer route configured to control transmission among the communicatively coupled processing environments, wherein the secure data transfer routes are defined in accordance with an assigned protection requirement based on at least one of a data requestor role, data protection impact assessment approval, business processes and logic to establish a consent based access control and prevent an unauthorized access in course of a data exchange. Moreover, the processor is caused to apply a plurality of privacy-preserving controls in course of a consent-based access control of data handling by executing at least one of a protection technique comprising an encryption, anonymization, secure multi-party compute, zero knowledge use and masking of the sensitive data, thereby aligning the privacy-preserving controls with an evaluated threat level to maintain a confidentiality and a regulatory compliance of the data processing operation. Moreover, the processor is caused to maintain a record of processing activities by documenting a plurality of operational details comprising at least one of a nature, purpose, category, and recipient of a processed data, wherein the record is being stored in a retrievable format to allow a verification and audit of a data handling consistency.
Moreover, the processor is caused to link a user-initiated request for at least one of an access, a correction, deletion, and withdrawal of the user consent to the corresponding recorded processing activity, wherein each request is correlated with a predefined consent reference and an operational metadata to enable a controlled and auditable execution of a data-subject operation. Moreover, the processor is caused to monitor an execution of a data deletion operation corresponding to an authorized user-initiated request and verify an irreversible and secure erasure of an associated personal data upon completion of the data deletion operation. Moreover, the processor is caused to generate verifiable compliance proofs by applying at least one of a mathematical, cryptographic, and computational model configured to validate an adherence of an executed data processing operation to a plurality of regulatory requirements, thereby providing an auditable evidence of conformity. Moreover, the processor is caused to present an integrated operational interface configured to consolidate at least one of a consent, protection, and compliance outputs, thereby providing a unified visualization of the ongoing data flow, applied safeguards, and compliance verification in a real time based on a changing consent of a user.
[0034] FIG. 1 illustrates a network environment for a system for unified consent-based access controlled data flow in digital supply chain in accordance with an embodiment of the present disclosure. Referring to FIG. 1, a user (120) may be any individual interacting with a digital service and is adapted to review, provide, or withdraw permissions governing the use of their personal information. Through a user device (125), the user (120) accesses digital notices describing categories of data usage including sales, marketing, analytics, or third-party sharing and selects the approvals they intend to grant. The system (100) receives these selections, processes them into a structured and high-level authorization representation, and associates the resulting preferences with subsequent data handling operations. The user (120), through the user device (125), remains capable of modifying or retracting these choices, enabling continuous alignment between declared preferences and the system’s (100) controlled data flow (365, FIG. 3) across the digital supply chain. The user (120) is further characterized by the ability to initiate data-related requests and to authenticate interactions through secure digital acknowledgements. The user (120) also participates as a dynamic decision-maker whose evolving preferences directly influence how organizational systems treat and propagate personal information. Further, the user (120) may access the system (100) over a network (115). Examples of the user device (125) include, but are not limited to, a mobile phone, desktop computer, portable digital assistant (PDA), smart phone, tablet, ultra-book, netbook, laptop, multi-processor system, microprocessor-based or programmable consumer electronic system, or any other communication device that the user (120) may use.
It will be appreciated that the system (100) may be presented to the user (120) on a corresponding user device (125) as a web application accessed through a browser, through a software application on the user device (125), or, particularly for smartphones, through a mobile application installed at the smartphone. It will be appreciated that, within the context of the disclosure herein, web application refers to a utility implemented on a networked computing system accessible by user device (125) over the Internet (e.g. through browsers) wherein the bulk of the processing takes place at the networked computing system, mobile applications refer to applications installed on smartphones that may communicate with a networked computing system, and a “software” application refers generally to applications other than web browsers installed on other types of user device (125) that may communicate with a networked computing system over the network (115).
[0035] The network (115) may be a single communication network or a combination of multiple communication networks and may use a variety of different communication protocols. The network (115) may be a wireless network, a wired network, or a combination thereof. Examples of the network (115) include, but are not limited to, Global System for Mobile Communication (GSM) network, Universal Mobile Telecommunications System (UMTS) network, Personal Communications Service (PCS) network, Time Division Multiple Access (TDMA) network, Code Division Multiple Access (CDMA) network, Next Generation Network (NGN), and Public Switched Telephone Network (PSTN). Depending on the technology, the network (115) may include various network entities, such as gateways and routers; however, such details have been omitted for the sake of brevity of the present description.
[0036] The system (100) may have a homepage that is presented to the user (120), accessing a top-level web address for web applications presented to the user (120) in a browser or a welcome screen for software and mobile applications. The homepage is adapted to serve as the primary data dashboard and presents users (120) with an interactive interface for bias detection and reflective evaluation using adaptive simulated interactions. The users (120) navigate this interface to upload datasets, customize views, and extract meaningful insights efficiently. The homepage may include links to a user log-in interface or general information about the system (100). It will be appreciated that the presentation of a homepage may not be necessary; for example, the user (120) may bypass initial interaction layers and directly initiate the unified consent-based form processing in the system (100). In such cases, the user (120) can access authorized modules and trigger system-defined evaluation processes without navigating intermediate steps. This enables streamlined execution of assigned functions while remaining within authenticated operational boundaries. A new or unregistered user (120) can access the user log-in interface, fill out the log-in information corresponding to the user's account, and indicate that the user (120) wishes to sign in. It will be appreciated that any conventional registration and log-in techniques for web applications, software applications, and mobile applications may be used, whichever is appropriate for the user (120). While registering, the user (120) may be prompted to provide a username and corresponding user credentials, including but not limited to a password, geographical location, and contact information, and upon receipt of the foregoing information, a corresponding user profile may be created and stored in a respective database (395, FIG. 3) of the system (100).
[0037] Additionally, the network (115) environment includes consent capture (130) adapted to represent the successful acquisition of user (120) authorization, typically collected when a user (120) interacts with a digital notice or preference form through a user device (125). It reflects the user’s (120) acknowledgement of how their information may be used, shared, or processed and is associated with contextual elements such as timing, source, and purpose of approval. Consent capture (130) can take various forms, including checkbox selections, digital signatures, or layered consent banners. The consent capture (130) records an explicit and verifiable expression of user (120) intent. In the proposed system (100) it forms the foundational element that anchors all subsequent authorization-related operations.
[0038] Furthermore, the network (115) environment includes a structured data repository (135). The structured data repository (135) functions as an organized storage space that maintains consent capture (130) entries in a traceable and indexed manner. It uses structured formats, schema-based layouts, or metadata tagging to ensure clarity and precision in retrieval. Such repositories are designed to preserve the integrity and availability of stored consent information over time. Additionally, the structured data repository (135) supports efficient referencing as data moves across different operational layers. Each stored entry remains uniquely identifiable for later verification.
[0039] Moreover, the network (115) environment includes a consent reference (140) adapted to be utilized as a distinct identifier that symbolizes a user’s (120) recorded preferences in a compact and linkable form. It may take the shape of a numeric code, a hashed value, or an alphanumeric token aligned with internal indexing schemes. This reference maintains a consistent association with the original consent entry, ensuring continuity when the system (100) cross-checks data operations with the user-defined conditions. Additionally, the consent reference (140) enables seamless tracking of authorization status across different processes. Such identifiers help maintain coherent traceability throughout data usage paths.
[0040] Moreover, the network (115) environment includes a plurality of potential vulnerabilities (145). Each of the plurality of potential vulnerabilities (145) represents a point within a processing environment where sensitive information may face undue exposure or risk. These risks may stem from factors such as data type sensitivity, intended processing purposes, or the roles of recipient entities. They may also include technical gaps like unsecured channels or inadequate access oversight. Identifying such potential vulnerabilities (145) allows heightened attention to areas needing stronger safeguards. Their recognition forms the basis for establishing proportionate protective measures for the system (100).
[0041] Moreover, the network (115) environment includes protection control (150). The protection control (150) refers to a safeguard or rule applied to mitigate risks associated with identified potential vulnerabilities (145). Examples include access limitations, supervisory approvals, or tiered restrictions based on evaluated severity. These protection controls (150) are designed to match the level of risk identified and maintain regulated movement or usage of sensitive information. They help shape the boundaries within which data can be handled. Their application ensures that operations proceed only under appropriate protective conditions. Moreover, the network (115) environment includes secure data transfer routes (155) utilized as designated pathways that ensure safe and controlled transmission of information across connected processing environments. These secure data transfer routes (155) may employ encrypted channels, role-based routing decisions, or segmented paths that restrict unnecessary exposure. They are defined to match the sensitivity of data (210), the nature of the requesting entities, or the required operational logic. Such secure data transfer routes (155) help sustain trust in multiparty digital ecosystems. They preserve controlled communication as data (210) moves between interconnected units.
[0042] Moreover, the network (115) environment includes privacy-preserving controls (160) adapted to include techniques such as encryption, anonymization, pseudonymization, and masking applied to reduce identifiability of sensitive information. These measures protect confidentiality while allowing legitimate operations to continue. The privacy-preserving controls (160) may be applied before transmission, during processing, or at rest, depending on the system’s (100) architecture. Their application aligns with the level of exposure or sensitivity encountered. These controls support responsible handling of information in regulated environments.
[0043] Moreover, the network (115) environment includes compliance (165). Typically, the compliance (165) represents adherence to legal, regulatory, and organizational standards governing data (210) usage. The compliance (165) relies on documented evidence, audit-ready records, and verifiable operational consistency to demonstrate conformity. A plurality of mathematical or computational validation mechanisms may be applied to produce objective proofs of adherence. Additionally, the compliance (165) ensures that data (210) handling remains transparent, accountable, and aligned with governing policies. It forms a critical assurance layer for organizations operating within regulated ecosystems.
[0044] Moreover, the network (115) environment includes an integrated operational interface (170) adapted to serve as a unified display layer presenting key outputs such as authorization preferences, applied protective measures, and compliance indicators. It may be implemented as a dashboard or interactive panel offering real-time visualization of system behaviour. This integrated operational interface (170) is adapted to aggregate diverse operational elements into a coherent view that supports oversight and decision-making. It enables monitoring of ongoing data flows (365, fig 3) alongside associated safeguards. Such integration enhances situational awareness for managing complex digital environments.
[0045] In accordance with an embodiment of the present disclosure, a system for unified consent-based access controlled data flow in digital supply chain is disclosed. The system (100) includes a processor (105, fig 2), a memory (110, fig 2) coupled to the processor (105, fig 2), wherein the memory (110, fig 2) includes instructions that when executed by the processor (105, fig 2) cause the processor (105, fig 2) to obtain a user consent prior to initiation of a data collection operation (355, fig 3), wherein the user consent is being captured in correspondence with a plurality of contextual parameters comprising time, source, and purpose of a consent. Additionally, the processor (105, fig 2) is caused to record a plurality of consent in a structured data repository (135) configured to maintain a traceable record, wherein each recorded consent entry is adapted to enable an authorization validation for subsequent data processing activities and uniquely indexed for retrieval in course of a data access (360, fig 3). Furthermore, the processor (105, fig 2) is caused to generate a consent reference (140) corresponding to the plurality of recorded consent by creating a distinct consent identifier adapted to represent user-specific data usage preferences, wherein the consent reference (140) is maintained in association with a recorded consent entry to ensure a traceability across subsequent data operations. Moreover, the processor (105, fig 2) is caused to regulate a data flow (365, fig 3) in accordance with the consent reference (140) by controlling access, transmission, and processing of a user data (210, fig 2) within a digital supply chain environment, wherein the regulated data flow (365, fig 3) ensures adherence to a plurality of stored consent preferences.
Moreover, the processor (105, fig 2) is caused to evaluate privacy risks prior to initiation of a data processing operation (370, fig 3) by analysing attributes of at least one of a data category, processing purposes, and recipient entities, wherein an evaluation result is adapted to identify a plurality of potential vulnerabilities (145) associated with a corresponding mitigation measure. Moreover, the processor (105, fig 2) is caused to assess the plurality of identified potential vulnerabilities (145) by determining an impact severity and establish a protection control (150) corresponding to each of the plurality of identified potential vulnerabilities (145) to govern continuation of the data processing operation (370, fig 3) in accordance with the impact severity. Moreover, the processor (105, fig 2) is caused to analyse the data flow (365, fig 3) paths across a plurality of communicatively coupled processing environments to identify a plurality of exposure points associated with a sensitive data (375, fig 3). Moreover, the processor (105, fig 2) is caused to establish a secure data transfer route (155) configured to control transmission among the communicatively coupled processing environments, wherein the secure data transfer route (155) is defined in accordance with an assigned protection requirement based on at least one of a data requestor role, data protection impact assessment (390, fig 3) approval, business processes and logic to establish a consent based access control and prevent an unauthorized access in course of a data exchange.
Moreover, the processor (105, fig 2) is caused to apply a plurality of privacy-preserving controls (160) in course of a consent-based access control (180, fig 4) of data (210, fig 2) handling by executing at least one of a protection technique comprising an encryption, anonymization, secure multi-party compute, zero knowledge use and masking of the sensitive data (375, fig 3), thereby aligning the privacy-preserving controls (160) with an evaluated threat level to maintain a confidentiality and a regulatory compliance of the data processing operation (370, fig 3). Moreover, the processor (105, fig 2) is caused to maintain a record of processing activities by documenting a plurality of operational details comprising at least one of a nature, purpose, category, and recipient of a processed data (380, fig 3), wherein the record is being stored in a retrievable format to allow a verification and audit of a data handling consistency. Moreover, the processor (105, fig 2) is caused to link a user-initiated request for at least one of an access, a correction, deletion, and withdrawal of the user consent to the corresponding recorded processing activity, wherein each request is correlated with a predefined consent reference (140) and an operational metadata to enable a controlled and auditable execution of a data-subject operation (382, fig 3). Moreover, the processor (105, fig 2) is caused to monitor an execution of a data deletion operation (385, fig 3) corresponding to an authorized user-initiated request and verify an irreversible and secure erasure of an associated personal data (387, fig 3) upon completion of the data deletion operation (385, fig 3).
Moreover, the processor (105, fig 2) is caused to generate verifiable compliance (165) proofs by applying at least one of a mathematical, cryptographic, and computational model configured to validate an adherence of an executed data processing operation (370, fig 3) to a plurality of regulatory requirements, thereby providing an auditable evidence of conformity. Moreover, the processor (105, fig 2) is caused to present an integrated operational interface (170) configured to consolidate at least one of a consent, protection, and compliance (165) outputs, thereby providing a unified visualization of the ongoing data flow (365, fig 3), applied safeguards, and compliance (165) verification in real time based on a changing consent of a user (120).
[0046] It may be noted that the foregoing system (100) is an exemplary system and may be implemented as computer executable instructions in any computing or processing environment, including in digital electronic circuitry or in computer hardware, firmware, device driver, or software. As such, the system (100) is not limited to any specific hardware or software configuration.
[0047] FIG. 2 illustrates a schematic diagram of a user device (125) of FIG. 1, in accordance with an example implementation of the present subject matter. Referring to FIG. 2, the user device (125) may comprise a processor(s) (105), a memory(s) (110) coupled to and accessible by the processor(s) (105), and an interface (215) coupled to the memory(s) (110). The user device (125) disclosed herein may be the same as the user device (125) described in FIG. 1. The functions of various elements shown in the figs., including any functional blocks labelled as "processor(s) (105)", may be provided through the use of dedicated hardware as well as hardware capable of executing instructions. When provided by a processor (105), the functions may be provided by a single dedicated processor, by a single shared processor, or by a plurality of individual processors, some of which may be shared. Moreover, explicit use of the term "processor (105)" should not be construed to refer exclusively to hardware capable of executing instructions, and may implicitly comprise, without limitation, digital signal processor (DSP) hardware, network processor, application specific integrated circuit (ASIC), field programmable gate array (FPGA). Other hardware, standard and / or custom, may also be coupled to the processor(s) (105). The user device (125) may further include a display (205) in addition to other components such as, but not limited to, keyboard, sensors, logic circuits etc.
Further, the user device (125) may include data (210), including data collection operation (355, fig 3), data access (360, fig 3), data flow (365, fig 3), data processing operations (370, fig 3), sensitive data (375, fig 3), processed data (380, fig 3), data subject operation (382, fig 3), data deletion operation (385, fig 3), personal data (387, fig 3), and data protection impact assessment (390, fig 3), that may be stored in the database (395), utilized or generated during the operation of the user device (125).
[0048] The memory(s) (110) may be a computer-readable medium, examples of which comprise volatile memory (e.g., RAM), and / or non-volatile memory (e.g., Erasable Programmable read-only memory, i.e. EPROM, flash memory, etc.). The memory(s) (110) may be an external memory, or internal memory, such as a flash drive, a compact disk drive, an external hard disk drive, or the like. The user device (125) may further include an interface (215) that may allow the connection or coupling of the user device (125) with one or more other devices, through a wired (e.g., Local Area Network, i.e., LAN) connection or through a wireless connection (e.g., Bluetooth®, Wi-Fi), for example, for connecting to the system (100) shown in FIG. 1. The interface (215) may also enable intercommunication between different logical as well as hardware components of the user device (125). FIG. 3 illustrates a schematic diagram of the system for unified consent-based access controlled data flow in digital supply chain of FIG. 1, in accordance with an embodiment of the present disclosure. Referring to FIG. 3, the system (100) includes a processor(s) (105), a memory(s) (110) coupled to and accessible by the processor(s) (105), a database (395) and a user interface (398) coupled to the memory(s) (110).
[0049] The system (100) disclosed herein is the same as the system (100) described in FIG. 1.
[0050] The functions of various elements shown in the figs., including any functional blocks labelled as "processor(s)", may be provided through the use of dedicated hardware as well as hardware capable of executing instructions. When provided by a processor, the functions may be provided by a single dedicated processor, by a single shared processor, or by a plurality of individual processors, some of which may be shared. Moreover, explicit use of the term "processor" should not be construed to refer exclusively to hardware capable of executing instructions, and may implicitly comprise, without limitation, digital signal processor (DSP) hardware, network processor, application specific integrated circuit (ASIC), field programmable gate array (FPGA). Other hardware, standard and / or custom, may also be coupled to the processor(s) (105). The system (100) may further include other components such as, but not limited to, keyboard, sensors, logic circuits, input / output interfaces etc. Further, the system (100) may include data (not shown) which may include data that may be stored, utilized or generated during the operation of the computer implemented system (100).
[0051] The memory(s) (110) may be a computer-readable medium, examples of which comprise volatile memory (e.g., RAM), and / or non-volatile memory (e.g., Erasable Programmable read-only memory, i.e. EPROM, flash memory, etc.). The memory(s) (110) may be an external memory, or internal memory, such as a flash drive, a compact disk drive, an external hard disk drive, or the like. The system (100) may further include the user interface (398) that may allow the connection or coupling of the system (100) with one or more other devices, through a wired (e.g., Local Area Network, i.e., LAN) connection or through a wireless connection (e.g., Bluetooth®, Wi-Fi), for example, for connecting to the user device (125) including the one or more entities as shown in FIG. 1. The user interface (398) may also enable intercommunication between different logical as well as hardware components of the system (100).
[0052] The system (100) may be provided with a database (395) to store a plurality of data (210) including data collection operation (355), data access (360), data flow (365), data processing operations (370), sensitive data (375), processed data (380), data subject operation (382), data deletion operation (385), personal data (387), and data protection impact assessment (390). In an example implementation of the system (100) including one or more servers, the database (395) may be local to the server or may be remote to the server. It may be noted that the data (210) in the database (395) may be stored as a table or may be pre-stored as a mapping between one another. This application is not limited thereto.
[0053] The system (100) may include module(s). The module(s) may include a consent capture module (305), a flow control module (310), a risk analysis module (315), a threat mapping module (320), a protection module (325), an activity record module (330) and an operation dashboard module (335). In one example, the module(s) may be implemented as a combination of hardware and firmware. In an example described herein, such combinations of hardware and firmware may be implemented in several different ways. For example, the firmware for module(s) may be processor (105) executable instructions stored on a non-transitory machine-readable storage medium and the hardware for the module(s) may include a processing resource (for example, implemented as either single processor or combination of multiple processors), to execute such instructions. Further, the hardware for the module(s) may include communication apparatuses, control circuitries involving electrical and electronics components, sensors, and interface devices, which may be in communication with each other for multi-directional communication therebetween. The system (100) may further include engine(s). The engine(s) include a preference index engine (340), a request handling engine (345) and a compliance engine (350). The engine(s) may be implemented as a combination of hardware and programming, for example, programmable instructions to implement a variety of functionalities of the engine(s). In examples described herein, such combinations of hardware and programming may be implemented in several different ways. For example, the programming for the engine(s) may be executable instructions. Such instructions may be stored on a non-transitory machine-readable storage medium which may be coupled either directly with the system or indirectly (for example, through networked means).
In an example, the engine(s) may include a processing resource, for example, either a single processor (105) or a combination of multiple processors (105), to execute such instructions. In the present examples, the non-transitory machine-readable storage medium may store instructions that, when executed by the processing resource, implement engine(s). In other examples, the engine(s) may be implemented as electronic circuitry.
[0054] Further, the system (100) includes data (210). The data (210) may include data that is either stored or generated as a result of functions implemented by the system (100). It may be further noted that information stored and available in data (210) may be utilized for performing various functions by the system (100). In an example, data (210) may include data collection operation (355), data access (360), data flow (365), data processing operations (370), sensitive data (375), processed data (380), data subject operation (382), data deletion operation (385), personal data (387), and data protection impact assessment (390). It may be noted that such examples of the various functions are only indicative. The present approaches may be applicable to other examples without deviating from the scope of the present subject matter.
[0055] In the present examples, the non-transitory machine-readable storage medium may store instructions that, when executed by the processing resource, implement the functionalities of module(s). In such examples, the system (100) may include the machine-readable storage medium storing the instructions and the processing resource to execute the instructions. In other examples of the present subject matter, the machine-readable storage medium may be located at a different location but accessible to the system (100) and the processor(s) (105).
[0056] In operation, the consent capture module (305) is configured to obtain a user consent prior to initiation of a data collection operation (355), wherein the user consent is being captured in correspondence with a plurality of contextual parameters comprising time, source, and purpose of a consent. The consent capture module (305) initiates a pre-collection interaction to obtain the user consent before any data collection operation (355) is triggered. The data collection operation (355) refers to a system-triggered process that acquires specific user-related information based on an authorized purpose, such as gathering location logs for service optimization or capturing activity metadata for compliance auditing. It operates by invoking predefined data access routines that extract only the permitted data elements aligned with the captured consent parameters. The data collection operation (355) functions under controlled workflows, ensuring that each data retrieval remains restricted to the contextual scope defined at the time the user consent was obtained. The consent capture module (305) aligns these parameters with the operational workflow to ensure that user consent is contextually bound to the intended data usage. The system (100) further structures the captured parameters into a verifiable consent record that precedes the data collection operation (355).
[0057] Additionally, the consent capture module (305) is configured to record a plurality of consent in a structured data repository (135) configured to maintain a traceable record, wherein each recorded consent entry is adapted to enable an authorization validation for subsequent data processing activities and uniquely indexed for retrieval in course of a data access (360). The consent capture module (305) records a plurality of consent entries into the structured data repository (135), where each entry is organized with uniquely indexed attributes to retain a verifiable trace of the user-approved conditions. The consent capture module (305) embeds contextual markers into every stored record so that the structured data repository (135) maintains a persistent and query-ready mapping of authorization details. This indexed structure ensures that whenever the system (100) triggers any downstream data processing activity, the stored consent profile can be validated against the operational requirements without ambiguity or redundancy.
[0058] Additionally, the data access (360) operates as a controlled retrieval mechanism that references the uniquely indexed consent entries to confirm whether a requested data (210) element aligns with the scope of authorized use. It leverages structured lookups within the structured data repository (135) to cross-verify each requested operation and only permits extraction when the mapped consent parameters match the intended purpose. This integrated sequence ensures that every data access (360) remains anchored to the recorded authorization framework, maintaining compliance and traceability throughout the processing workflow.
[0059] Additionally, in operation, the preference index engine (340) is configured to generate a consent reference (140) corresponding to the plurality of recorded consent by creating a distinct consent identifier adapted to represent user-specific data usage preferences, wherein the consent reference (140) is maintained in association with a recorded consent entry to ensure a traceability across subsequent data operations. The preference index engine (340) processes the plurality of recorded consent entries to generate the consent reference (140) by assigning a distinct consent identifier that encapsulates user-specific data usage preferences and links them to the corresponding stored consent records for consistent traceability. Typically, the consent identifier is a unique tag that the system (100) creates to label the user’s consent record. It helps the system (100) to quickly find and check the correct consent whenever data (210) is used. This identifier remains associated with each recorded entry within the structured data repository (135), enabling an organized mapping of authorization parameters. During any data access (360), the system (100) utilizes the consent reference (140) as a retrieval anchor, allowing the access workflow to validate whether the requested operation aligns with the mapped preferences. The data access (360) mechanism performs a targeted lookup across the linked consent entries and proceeds only when the intended use complies with the associated preference conditions. This integrated interaction ensures that every retrieval follows the established preference pathway defined through the consent reference (140).
[0060] In one embodiment, the preference index engine (340) is configured to synchronize generation of the distinct consent identifier with a plurality of recorded consent attributes to ensure a consistent enforcement of user-specified preferences throughout the data flow (365). The preference index engine (340) operates by generating a distinct consent identifier, which serves as a unique reference linked to the user’s (120) approved choices, and synchronizes this distinct consent identifier with the plurality of recorded consent attributes to maintain consistency across all processing actions. The preference index engine (340) aligns these attributes during creation of the distinct consent identifier so that each user-specified preference is accurately embedded within the consent record. The distinct consent identifier functions as a stable pointer used throughout the data flow (365) to determine how the associated data may be accessed, transmitted, or utilized. By coordinating this distinct consent identifier with the underlying consent attributes, the system (100) ensures uniform and reliable enforcement of the user’s (120) selections at every stage of data handling.
[0061] Furthermore, in operation, the flow control module (310) is configured to regulate a data flow (365) in accordance with the consent reference (140) by controlling access, transmission, and processing of a user data (210) within a digital supply chain environment, wherein the regulated flow ensures adherence to a plurality of stored consent preferences. The flow control module (310) regulates the data flow (365) by using the consent reference (140) as the governing parameter for each access, transmission, or processing request involving the user data (210). It interprets the mapped preferences contained within the consent reference (140) and aligns the movement of the data (210) with the allowed usage conditions stored in the consent repository. The flow control module (310) applies control rules that restrict or permit the flow across interconnected system components, ensuring that every interaction complies with the predefined consent boundaries. As the data flow (365) progresses through the digital supply chain environment, the flow control module (310) continuously validates each step against the referenced preferences.
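The consent capture, consent reference generation and consent-gated data access described in paragraphs [0056] to [0061], as an added illustration that is not part of the patent text: the consent reference is derived as a SHA-256 hash of the canonical consent entry (a "hashed value" in the sense of [0039]), the repository indexes entries by that reference, and the flow control refuses any access, transmission or processing request whose purpose, data category or recipient falls outside the recorded consent. Field names, the hashing scheme and the sample values are assumptions.

```python
# Added illustration (not the patent's code): consent capture, consent reference
# derivation and consent-gated data access. Field names, the hashing scheme and
# the sample values are assumptions.
import dataclasses
import hashlib
import json
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional


@dataclass(frozen=True)
class ConsentRecord:
    """One captured consent with its contextual parameters (time, source, purpose)."""
    user_id: str
    captured_at: str                 # time of capture, ISO-8601
    source: str                      # where it was captured, e.g. a preference form
    purposes: FrozenSet[str]         # purposes the user approved
    data_categories: FrozenSet[str]  # data categories the user approved
    recipients: FrozenSet[str]       # recipient entities the user allowed
    withdrawn: bool = False          # set by a later withdrawal request


def consent_reference(rec: ConsentRecord) -> str:
    """Distinct consent identifier: SHA-256 over the canonical consent content.
    Withdrawal status is excluded on purpose, so the reference stays stable and
    keeps pointing at the same entry after the user withdraws."""
    canonical = json.dumps(
        {"user_id": rec.user_id, "captured_at": rec.captured_at, "source": rec.source,
         "purposes": sorted(rec.purposes), "data_categories": sorted(rec.data_categories),
         "recipients": sorted(rec.recipients)},
        sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


class ConsentRepository:
    """Structured data repository: entries uniquely indexed by consent reference."""

    def __init__(self) -> None:
        self._entries: Dict[str, ConsentRecord] = {}
        self.audit: List[dict] = []  # retrievable record of consent and access events

    def record(self, rec: ConsentRecord) -> str:
        ref = consent_reference(rec)
        self._entries[ref] = rec
        self.audit.append({"event": "consent_recorded", "ref": ref})
        return ref

    def get(self, ref: str) -> Optional[ConsentRecord]:
        return self._entries.get(ref)

    def withdraw(self, ref: str) -> bool:
        # Withdrawal request linked to the recorded entry through its reference.
        rec = self._entries.get(ref)
        if rec is None:
            return False
        self._entries[ref] = dataclasses.replace(rec, withdrawn=True)
        self.audit.append({"event": "consent_withdrawn", "ref": ref})
        return True


@dataclass(frozen=True)
class Decision:
    permitted: bool
    reason: str


class FlowControl:
    """Gates each access, transmission or processing request on the referenced consent."""

    def __init__(self, repo: ConsentRepository) -> None:
        self.repo = repo

    def authorize(self, ref: str, purpose: str, category: str, recipient: str) -> Decision:
        rec = self.repo.get(ref)
        if rec is None:
            d = Decision(False, "unknown consent reference")
        elif consent_reference(rec) != ref:  # entry altered behind its index: fail closed
            d = Decision(False, "stored entry does not match its reference")
        elif rec.withdrawn:
            d = Decision(False, "consent withdrawn")
        elif purpose not in rec.purposes:
            d = Decision(False, f"purpose '{purpose}' not consented")
        elif category not in rec.data_categories:
            d = Decision(False, f"data category '{category}' not consented")
        elif recipient not in rec.recipients:
            d = Decision(False, f"recipient '{recipient}' not authorized")
        else:
            d = Decision(True, "request within consented scope")
        self.repo.audit.append({"event": "access_decision", "ref": ref, "purpose": purpose,
                                "category": category, "recipient": recipient,
                                "permitted": d.permitted, "reason": d.reason})
        return d


# Constructed sample consent, as captured from a preference form.
SAMPLE_CONSENT = ConsentRecord(
    user_id="user-0001", captured_at="2025-01-15T10:30:00Z", source="preference-form",
    purposes=frozenset({"order_fulfilment"}), data_categories=frozenset({"contact", "address"}),
    recipients=frozenset({"warehouse_partner"}))
```

Every decision, permitted or not, lands in the repository's audit list, which is the retrievable record of processing activities that the later verification and audit steps rely on.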
[0062] In one embodiment, the flow control module (310) is configured to facilitate a coordinated communication among distributed functional units by executing a server-hosted operation adapted to enable a scalable and bidirectional exchange of consent-related and compliance data. The flow control module (310) is configured to manage a coordinated communication among distributed functional units by running a server-hosted operation that supports scalable, bidirectional exchange of consent-related and compliance data. It ensures that information flows smoothly between multiple system (100) elements, regardless of their location or operational load. The flow control module (310) dynamically routes requests, responses, and updates so that each participating unit receives the required data at the correct time. Its bidirectional capability allows both upstream submissions and downstream confirmations to occur in real time. By regulating sequencing, prioritization, and delivery of data packets, it prevents congestion and operational conflicts. This controlled exchange ultimately enhances system (100) responsiveness and maintains consistent trust, integrity, and reliability in all consent and compliance interactions.
[0063] Moreover, in operation, the risk analysis module (315) is configured to evaluate privacy risks prior to initiation of a data processing operation (370) by analysing attributes of at least one of a data category, processing purposes, and recipient entities, wherein an evaluation result is adapted to identify a plurality of potential vulnerabilities (145) associated with a corresponding mitigation measure. The potential vulnerabilities (145) represent points where data (210) may face risks such as unauthorized access, excessive data exposure, or inadequate safeguards during transfer. Examples may include sharing sensitive identifiers with an unverified recipient entity or processing data under an ambiguous purpose classification. Within the system (100), these potential vulnerabilities (145) act as markers that guide the application of targeted controls, ensuring that each identified weakness is addressed before the data processing operation (370) proceeds.
[0064] The risk analysis module (315) evaluates privacy risks before a data processing operation (370) begins by examining attributes linked to at least one of the data category, the intended processing purposes, and the entities that may receive the data (210). The risk analysis module (315) interprets these attributes to derive a structured assessment that reveals conditions where exposure, misuse, or unauthorized propagation could occur. The evaluation result then highlights a set of potential vulnerabilities (145), each mapped to an appropriate mitigation measure to align subsequent processing with the assessed risk level. Through this layered analysis, the risk analysis module (315) ensures that every processing activity is preceded by a quantified understanding of the associated privacy exposure.
[0065] Additionally, the risk analysis module (315) is configured to assess the plurality of identified potential vulnerabilities (145) by determining an impact severity and to establish a protection control (150) corresponding to each of the plurality of identified potential vulnerabilities (145) to govern continuation of the data processing operation (370) in accordance with the impact severity. The risk analysis module (315) assesses the identified potential vulnerabilities (145) by determining the impact severity associated with each condition, using predefined evaluation parameters that quantify how strongly a potential vulnerability (145) may influence the data processing operation (370). It then correlates each assessed vulnerability with a suitable protection control (150), selected in accordance with the measured severity level to ensure that stronger risks receive proportionately stricter safeguards. The risk analysis module (315) aligns these protection controls (150) with the ongoing processing context so that every applied measure directly reflects the evaluated exposure. Through this structured assessment and assignment, the risk analysis module (315) governs whether and how the data processing operation (370) may continue, ensuring that the applied protection control (150) matches the specific vulnerability profile revealed during analysis.
[0066] In one embodiment, the risk analysis module (315) is configured to dynamically link privacy risk evaluation with threat level to adaptively modify a plurality of protection parameters in response to a real-time detection of a plurality of potential vulnerabilities (145). The risk analysis module (315) is configured to dynamically connect privacy risk evaluation with the prevailing threat level, enabling the system (100) to respond intelligently to changing conditions. It continuously interprets real-time signals related to potential vulnerabilities (145) and correlates them with the sensitivity of the data (210) being processed. Based on this assessment, the risk analysis module (315) adaptively modifies a plurality of protection parameters to strengthen safeguards where needed. This includes adjusting detection thresholds, tightening access controls, or elevating monitoring intensity. The adaptive mechanism associated with the risk analysis module (315) ensures that protection measures remain proportional to the evolving threat landscape. As a result, the system (100) maintains a resilient and proactive defence posture without manual intervention.
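The following is an added worked example, not code from the patent or from the applicant, illustrating the pre-processing risk evaluation of paragraphs [0063] to [0066]: request attributes (data category, purpose, recipient) are turned into a list of potential vulnerabilities, each paired with an impact severity and a protection control, and continuation of the operation is then governed by whether the controls for the severe weaknesses are in place. The category sensitivity scale, the verified-recipient and known-purpose sets, the severity formulas and the blocking threshold are all assumptions chosen for the illustration; the `threat_level` argument stands in for the real-time threat signal of [0066].

```python
"""Pre-processing privacy risk evaluation: attributes -> vulnerabilities -> severity -> controls -> gate."""
from dataclasses import dataclass, field

# Constructed sensitivity scale for data categories (assumption, not from the patent).
CATEGORY_SENSITIVITY = {"preference": 1, "contact": 2, "financial_identifier": 3,
                        "health_record": 3, "authentication_credential": 3}
# Recipient entities this deployment has verified (constructed sample values).
VERIFIED_RECIPIENTS = {"analytics-internal", "payment-processor-a"}
# Purpose classifications recognised by the consent records; anything else is ambiguous.
KNOWN_PURPOSES = {"marketing", "analytics", "service_delivery", "fraud_prevention"}
SEVERITY_BLOCKING = 3  # assumption: a severity-3 weakness halts processing until its control is in place


@dataclass
class Vulnerability:
    kind: str
    severity: int   # 1 low, 2 medium, 3 high
    control: str    # the protection control paired with this weakness


@dataclass
class RiskEvaluation:
    vulnerabilities: list = field(default_factory=list)

    @property
    def max_severity(self):
        return max((v.severity for v in self.vulnerabilities), default=0)


def evaluate_risk(category, purpose, recipient, threat_level=0):
    """Evaluate data category, processing purpose and recipient before the operation starts.

    threat_level (0..2) stands in for the real-time threat signal: raising it pushes each
    severity up, so a request that passed at level 0 can be blocked at level 1.
    """
    sens = CATEGORY_SENSITIVITY.get(category, 3)  # unknown categories are treated as most sensitive
    ev = RiskEvaluation()
    if recipient not in VERIFIED_RECIPIENTS:
        ev.vulnerabilities.append(Vulnerability(
            "unverified_recipient", min(3, sens + threat_level), "block_until_recipient_verified"))
    if purpose not in KNOWN_PURPOSES:
        ev.vulnerabilities.append(Vulnerability(
            "ambiguous_purpose", min(3, 2 + threat_level), "require_purpose_clarification"))
    if sens >= 3:
        ev.vulnerabilities.append(Vulnerability(
            "sensitive_identifier_exposure", min(3, 2 + threat_level), "encrypt_or_mask_in_transit"))
    return ev


def govern_continuation(ev, applied_controls):
    """Decide whether processing may continue given the controls already applied.

    Returns (decision, controls still missing). A missing control for a severity-3 weakness
    blocks the operation; for lower severities the result is "proceed_with_conditions",
    naming the controls that must be applied before the operation runs.
    """
    missing = [v for v in ev.vulnerabilities if v.control not in applied_controls]
    if any(v.severity >= SEVERITY_BLOCKING for v in missing):
        return "blocked", [v.control for v in missing]
    if missing:
        return "proceed_with_conditions", [v.control for v in missing]
    return "proceed", []
```

The same request (contact data to an unverified recipient for marketing) yields "proceed_with_conditions" at threat level 0 and "blocked" at threat level 1, which is the adaptive behaviour [0066] describes: the thresholds move with the threat signal rather than being fixed per category.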
[0067] Moreover, in operation, the threat mapping module (320) is configured to analyse the data flow (365) paths across a plurality of communicatively coupled processing environments to identify a plurality of exposure points associated with a sensitive data (375). The threat mapping module (320) analyses the data flow (365) as it moves across multiple communicatively coupled processing environments, tracing each transfer path to detect points where sensitive data (375) may be exposed. The threat mapping module (320) examines the structure, routing, and inter-system interactions to highlight locations where unauthorized access, leakage, or interception could occur. The evaluation correlates these exposure points with the nature of the sensitive data (375), which includes information classified as confidential due to its ability to identify an individual or cause harm if misused, including but not limited to financial identifiers, health records, and authentication credentials. By mapping these data flow (365) paths and associating each segment with its sensitivity level, the threat mapping module (320) identifies where stronger safeguards must be applied to maintain controlled handling throughout the data flow (365).
[0068] Moreover, in operation, the protection module (325) is configured to establish a secure data transfer route (155) configured to control transmission among the communicatively coupled processing environments, wherein the secure data transfer route (155) is defined in accordance with an assigned protection requirement based on at least one of a data requestor role, data protection impact assessment (390) approval, business processes and logic to establish a consent based access control and prevent an unauthorized access in course of a data exchange. The data protection impact assessment (390) functions as a structured evaluation that examines how a planned data handling workflow may affect privacy, particularly for sensitive information or large-scale processing activities. In the system (100), the data protection impact assessment (390) supplies an approval reference indicating whether a specific transmission path meets required safeguards. For example, a workflow involving cross-border data transfer may only be permitted if the data protection impact assessment (390) confirms adequate protection measures. This approval contributes directly to defining the secure data transfer route (155), ensuring that each data exchange proceeds in accordance with both regulatory expectations and the corresponding consent condition.
[0069] The protection module (325) establishes a secure data transfer route (155) by analysing the transmission pathways between the communicatively coupled processing environments and assigning protection requirements that correspond to the sensitivity and handling conditions of the user data (210). It evaluates parameters such as the role of the data requestor, the approved data protection impact assessment (390) and the governing business logic to determine how data (210) should move across systems (100) under a consent-based access control. The secure data transfer route (155) is structured to ensure that only authorized entities can initiate or receive a data exchange, thereby preventing interception or misuse during transmission.
[0070] Additionally, the protection module (325) is configured to apply a plurality of privacy-preserving controls (160) in course of a consent-based access control (180, fig 4) of data (210) handling by executing at least one of a protection technique comprising an encryption, anonymization, secure multi-party compute, zero knowledge use and masking of the sensitive data (375), thereby aligning the privacy-preserving controls (160) with an evaluated threat level to maintain a confidentiality and a regulatory compliance of the data processing operation (370). The data processing operation (370) refers to any structured activity performed on user data (210), including operations such as collection, classification, transformation, analysis, or sharing with downstream entities. For example, preparing user (120) records for analytics, generating personalized service outputs, or transferring account details to a verified service provider are all instances of such operations carried out within the regulated framework. The system (100) aligns each privacy-preserving control (160) with the assessed risk conditions so that the handling of the data (210) remains safeguarded throughout storage, transmission, or internal processing stages. The protection module (325) executes these techniques in a structured sequence that ensures the confidentiality of the information and keeps each action consistent with applicable regulatory obligations during the data processing operation (370).
[0071] In one embodiment, the protection module (325) is configured to describe a consent management architecture in which the consent capture (130) and the consent reference (140) are operatively combined to form a consent manager (175), as illustrated in Fig. 4, for generating, storing, and validating user (120) consent in a machine-readable manner. The consent manager (175) interfaces with a consent-based access control (180) configured to regulate the flow of user data (210) strictly in accordance with an active and authenticated consent state. Upon receipt and verification of user consent, the consent-based access control (180) selectively permits access to personally identifiable information (PII) while otherwise preventing unauthorized data propagation. The system (100) applies a plurality of data protection mechanisms comprising encryption, anonymization, masking, and secure multi-party computation to sensitive data elements. The secure multi-party computation employs multiple pass-key authentication types, including a user-based consent key and a Data Protection Impact Assessment (DPIA)-based authorization key. Only upon successful authentication of both pass-key types does the consent-based access control (180) enable controlled release and processing of the user data (210) in compliance with the validated consent.
[0072] In one embodiment, the protection module (325) is configured to implement a protection technique by dynamically determining and applying a context-specific privacy-preserving control (160) based on at least one of the data requestor’s role, the request purpose, the discovered data risk, the user’s consent, the assessment of legitimate use, applicable data-sharing policies, and a data-protection impact assessment (390) derived from the evaluated threat level. The protection module (325) is configured to operate a protection technique by first interpreting the data requestor’s role, the request purpose, and the user’s consent in relation to the accessed information. It then correlates these inputs with the discovered data risk and the assessment of legitimate use to determine whether the request aligns with permissible handling conditions. The protection module (325) further incorporates applicable data-sharing policies and a data-protection impact assessment (390) generated from the evaluated threat level. Using this combined context, the protection module (325) dynamically selects a suitable privacy-preserving control (160) and applies it to the data operation in real time. This coordinated evaluation and application process ensures that the selected control consistently matches the situational privacy requirement.
[0073] Additionally, the protection module (325) is configured to select and enforce an appropriate protection technique in a situational and context-aware manner rather than applying a fixed control. The protection mechanism is dynamically determined based on multiple evaluated factors, including the role and purpose of the data requestor, the associated data risk, the user’s consent state, and an assessment of legitimate use. Additional inputs such as applicable data-sharing policies and a data-protection impact assessment derived from the current threat level further influence the selection. Depending on these conditions, the system (100) may apply encryption, masking, tokenization, or secure multi-party computation-based controls. Furthermore, decryption or re-identification is permitted only when the consent state and defined business and compliance conditions are simultaneously satisfied.
[0074] Moreover, in operation, the activity record module (330) is configured to maintain a record of processing activities by documenting a plurality of operational details comprising at least one of a nature, purpose, category, and recipient of a processed data (380), wherein the record is stored in a retrievable format to allow a verification and audit of a data handling consistency. The activity record module (330) maintains a record of processing activities by capturing structured operational details that describe the nature, purpose, category, and recipient of the processed data (380). The processed data (380) refers to the user data (210) that has undergone one or more operations including but not limited to classification, transformation, filtering, or preparation for transmission. Examples may include a user profile normalized for analytics, transaction details compiled for regulatory reporting, or consent-linked identifiers prepared for controlled sharing with an authorized service provider. The activity record module (330) enables the system (100) to store these details in a retrievable format, allowing the system (100) to generate an auditable history that reflects how the data (210) was handled at each stage of the workflow. The activity record module (330) organizes the entries so that any later verification of handling consistency can be performed without altering the stored information, thereby ensuring traceability across all processing events. In one embodiment, the activity record module (330) is configured to maintain and chain temporal audit records, wherein the temporal audit records are chronologically linked to a preceding and subsequent event, thereby establishing an immutable audit trail. The activity record module (330) maintains temporal audit records by generating event entries that are chronologically linked to both preceding and subsequent events, creating a continuous event chain.
Each record is anchored within this sequence to prevent alteration or reordering, thereby preserving the integrity of the stored history. This chaining mechanism establishes an immutable audit trail that accurately reflects the evolution of system (100) activities over time.
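The following is an added worked example, not code from the patent or from the applicant, showing one common way to realise the chained temporal audit records of paragraph [0074]: every record carries its sequence number and the hash of its predecessor, so editing, reordering or removing an entry breaks the link that the next entry commits to. The sample events and their field names are constructed for the illustration; the patent describes the chaining but not a specific record layout or hash function.

```python
"""Chained activity records: each entry commits to its predecessor, so the history cannot be
altered, reordered or thinned out without the verifier noticing."""
import hashlib
import json

GENESIS_HASH = "0" * 64

# Constructed sample processing events (not from the patent); the field names are assumptions
# chosen to match the nature / purpose / category / recipient details the text lists.
SAMPLE_EVENTS = [
    {"ts": "2025-01-10T09:00:00Z", "nature": "collection", "purpose": "service_delivery",
     "category": "contact", "recipient": "crm-internal"},
    {"ts": "2025-01-10T09:05:00Z", "nature": "transformation", "purpose": "analytics",
     "category": "profile", "recipient": "analytics-internal"},
    {"ts": "2025-01-11T14:30:00Z", "nature": "sharing", "purpose": "marketing",
     "category": "contact", "recipient": "call-centre-vendor"},
    {"ts": "2025-01-12T08:00:00Z", "nature": "deletion", "purpose": "user_request",
     "category": "contact", "recipient": "none"},
]


def _digest(record):
    """Hash a canonical JSON rendering so that field order never changes the digest."""
    encoded = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(encoded).hexdigest()


def append_record(chain, event):
    """Append an activity record carrying its sequence number and the predecessor's hash."""
    prev_hash = chain[-1]["hash"] if chain else GENESIS_HASH
    body = {"seq": len(chain), "prev_hash": prev_hash, **event}
    entry = dict(body, hash=_digest(body))
    chain.append(entry)
    return entry


def verify_chain(chain):
    """Re-derive every link; return (True, -1) or (False, index of the first inconsistent record)."""
    expected_prev = GENESIS_HASH
    for i, entry in enumerate(chain):
        body = {k: v for k, v in entry.items() if k != "hash"}
        if (body.get("seq") != i or body.get("prev_hash") != expected_prev
                or _digest(body) != entry.get("hash")):
            return False, i
        expected_prev = entry["hash"]
    return True, -1


def build_sample_chain():
    """Build the chain from the constructed sample events."""
    chain = []
    for event in SAMPLE_EVENTS:
        append_record(chain, event)
    return chain


def clone_chain(chain):
    """Deep copy, standing in for an auditor's separately held copy of the records."""
    return json.loads(json.dumps(chain))
```

One caveat a practitioner should keep in mind: a hash chain detects changes inside the sequence, but silently dropping the newest records leaves a shorter chain that still verifies. Immutability of the tail therefore needs the current head hash to be anchored somewhere the writer cannot rewrite, for example published to an external log or signed and held by the auditor.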
[0075] Moreover, in operation, the request handling engine (345) is configured to link a user-initiated request for at least one of an access, a correction, deletion, and withdrawal of the user consent to the corresponding recorded processing activity, wherein each request is correlated with a predefined consent reference (140) and an operational metadata to enable a controlled and auditable execution of a data-subject operation (382). Typically, the data-subject operation (382) refers to any action initiated by a user (120) concerning their personal data (387), such as viewing stored information, modifying inaccurate details, requesting removal of outdated records, or retracting prior permissions. Additionally, the data-subject operation (382) represents the user’s (120) exercise of data rights within the system (100) and functions as a structured command that the platform must process in alignment with the stored consent and activity history. The request handling engine (345) links a user-initiated request such as an access inquiry, correction update, deletion instruction, or withdrawal of the user consent to the corresponding recorded processing activity by mapping the request to a predefined consent reference (140). The request handling engine (345) further associates the request with operational metadata so that the system (100) can route and execute the action in a controlled manner aligned with the previously documented data flow (365). Through this correlation, the request handling engine (345) ensures that every invoked operation follows an auditable path, allowing the system (100) to verify that the request is processed in accordance with the user-specific permissions and historical records.
Additionally, the request handling engine (345) is configured to monitor an execution of a data deletion operation (385) corresponding to an authorized user-initiated request and verify an irreversible and secure erasure of an associated personal data (387) upon completion of the data deletion operation (385). The request handling engine (345) tracks the progression of a data deletion operation (385) initiated through an authorized user (120) request by continuously referencing the corresponding activity and consent records. The request handling engine (345) observes each stage of the deletion workflow to confirm that the process aligns with the predefined operational parameters and the user’s (120) permitted actions. As the deletion progresses, the request handling engine (345) applies verification checks to ensure that the personal data (387) targeted for removal is fully and permanently erased from all relevant storage environments. The operation is marked complete only after the request handling engine (345) confirms that no retrievable traces remain, thereby validating that the erasure is irreversible and securely executed within the system (100).
[0076] In one embodiment, the request handling engine (345) is configured to correlate a user-initiated data deletion operation (385) with the recorded processing activities and validates completion by confirming irreversible removal of the associated personal data (387) from storage repositories. The request handling engine (345) correlates the user-initiated data deletion operation (385) with previously recorded processing activities to ensure that the request aligns with the tracked lifecycle of the corresponding data. It then verifies completion by checking each relevant storage repository to confirm that the associated personal data (387) has been irreversibly removed. Through this coordinated validation, the request handling engine (345) ensures that the deletion is both complete and compliant with required data-handling conditions.
[0077] Moreover, in operation, the compliance engine (350) is configured to generate verifiable compliance (165) proofs by applying at least one of a mathematical, cryptographic, and computational model configured to validate an adherence of an executed data processing operation (370) to a plurality of regulatory requirements, thereby providing an auditable evidence of conformity. The compliance (165) refers to the measurable confirmation that data handling practices satisfy legal or policy-based requirements, such as privacy laws, retention mandates, and consent-based usage limits. In the proposed system (100), the compliance (165) is achieved by comparing recorded operations such as data transfers, consent usage, or erasure events against a set of predefined obligations. For example, verifying that personal data (387) was deleted within a mandated time frame or ensuring that processing occurred only under active consent are forms of compliance validation within the system (100).
[0078] Additionally, a zero-knowledge proof mechanism is employed to cryptographically establish that a required action or authorization has been validly performed without disclosing any underlying or repeatable information associated with that action. The zero-knowledge proof enables the consent manager (175) and the consent-based access control (180) to verify compliance with a consent condition while preventing exposure of sensitive identifiers or transactional details. Such verification confirms the occurrence and validity of an event without revealing the source attributes, content, or metadata of the event itself. This approach ensures that proof of execution is independently verifiable yet non-constructible, thereby eliminating the risk of reuse or inference of personal data (387). By integrating zero-knowledge proof techniques, the system (100) enforces privacy-preserving validation while maintaining trust and auditability across consent-governed data flows.
[0079] Additionally, the compliance engine (350) generates verifiable compliance (165) proofs by applying mathematical, cryptographic, and computational models that examine whether an executed data processing operation (370) aligns with applicable regulatory conditions. It analyses operational metadata, referenced consent parameters, and documented processing activities to confirm that each step adhered to mandated rules. The compliance engine (350) transforms these validations into structured evidence that can be retrieved for audits, demonstrating conformity across the data (210) lifecycle. By correlating system (100) actions with regulatory expectations, the compliance engine (350) produces a reliable compliance output that can be independently verified.
[0080] In one embodiment, the compliance engine (350) is configured to predict a potential non-compliance scenario utilizing an analysis of an historical operational data, thereby pre-emptively adjusting the plurality of privacy-preserving controls (160) to mitigate future regulatory deviations. The compliance engine (350) predicts potential non-compliance scenarios by analysing historical operational data to identify patterns or conditions that previously led to regulatory deviations. Based on this analysis, the compliance engine (350) pre-emptively adjusts the plurality of privacy-preserving controls (160) to prevent similar issues in upcoming operations. The non-compliance scenario arises when data handling fails to meet regulatory or policy requirements, which can lead to legal penalties, operational interruptions, or compromised data privacy. By anticipating such events, the compliance engine (350) ensures that protective measures are dynamically strengthened to maintain adherence and reduce risk.
[0081] Moreover, in operation, the operation dashboard module (335) is configured to present an integrated operational interface (170) configured to consolidate at least one of a consent, protection, and compliance (165) outputs, thereby providing a unified visualization of the ongoing data flow (365), applied safeguards, and compliance (165) verification in a real time based on a changing consent of the user (120). The operation dashboard module (335) presents an integrated operational interface (170) that merges consent, protection, and compliance (165) outputs into a single visual layer. The operation dashboard module (335) consolidates the system-generated information to display how the data flow (365) is progressing across interconnected environments. The integrated operational interface (170) reflects the safeguards currently applied and highlights whether operations align with regulatory expectations. Additionally, the operation dashboard module (335) updates these elements in real time, allowing continuous visibility into system (100) behaviour. This unified presentation enables clear monitoring of both user-driven and system-initiated actions within the data lifecycle.
[0082] Additionally, verification of the applied safeguards and compliance (165) is performed continuously and in real time, based on the dynamically changing consent of the user (120). Upon issuance of consent, the operation dashboard module (335) immediately enables corresponding data (210) processing pathways, and upon withdrawal of consent, it interrupts and terminates such pathways without delay. The system (100) maintains a live consent state that is persistently monitored to prevent further access when the user is unwilling to reauthorize consent. This real-time updating ensures that safeguards and compliance remain synchronized with the current consent status at all times.
[0083] In one embodiment, the operation dashboard module (335) is configured to consolidate a real-time metrics of at least one of a consent status, privacy risk, and compliance (165) validation into the integrated operational interface (170) adapted to support analytical filtering and predictive compliance alerts. The operation dashboard module (335) consolidates real-time metrics by continuously collecting updates on consent status, privacy risk, and compliance (165) validation and merging them into the integrated operational interface (170). It structures these inputs into a unified visual layer that supports analytical filtering, allowing users (120) to isolate specific conditions or parameters. The operation dashboard module (335) further enables predictive compliance alerts by processing evolving data patterns and highlighting emerging deviations that may require attention.
[0084] In a non-limiting example, consider a scenario, where a multinational e-commerce company implements the disclosed system (100) to manage user data across its digital supply chain. A user (120) interacting with the platform provides consent for sharing data (210) related to marketing, analytics, and third-party vendor operations through a digital interface. The system (100) captures this consent along with contextual details such as time, source, and purpose, storing it in a structured data repository (135) with uniquely indexed entries. A distinct consent identifier is generated for the user (120), linking all permissions and preferences, which then guides how their data flows across multiple interconnected systems (100). The data flow (365) is monitored in real time, ensuring that only authorized entities access the information, while privacy risks are evaluated to identify potential vulnerabilities (145), triggering adaptive protection controls. The sensitive data (375) is encrypted, anonymized, or masked, and secure transfer routes (155) are established to prevent unauthorized access. All processing activities are logged chronologically, enabling verification and audit, while user-initiated requests for data access (360), corrections, deletion, or consent withdrawal are tracked and executed. The data deletion operation (385) is validated to ensure irreversible removal, and compliance (165) proofs are generated mathematically to demonstrate adherence to regulatory requirements. An integrated operational interface (170) provides a unified view of consent, protection, and compliance status, allowing operational teams to monitor the system (100) continuously. This implementation ensures that user (120) data is handled transparently, securely, and in accordance with privacy regulations, enhancing trust while enabling efficient data utilization in business operations.
[0085] FIG. 4 illustrates a flow diagram of the data flow in the system for unified consent-based access controlled data flow in digital supply chain of FIG. 1, in accordance with an embodiment of the present disclosure. In a conventional system lacking consent-based access control (180), the user data (210) flows directly from the structured data repository (135), adapted to be utilized as a customer database, to downstream systems, including a third party source (185), without enforcing the user’s withdrawn consent, resulting in an unauthorized use and potential breach when an agent initiates contact. In contrast, the proposed system (100) shows the introduction of the consent manager (175), comprising at least one of a consent capture (130) and a consent reference (140), along with the consent-based access control (180), which continuously validates the user’s (120) consent state before permitting any data access. When consent is withdrawn, the access control blocks exposure of personal data, thereby preventing the third party sources (185) from initiating the action. Additionally, sensitive attributes, such as contact information, are protected through encryption and are only conditionally decrypted when consent and internal policy rules are satisfied. This controlled flow ensures that data usage remains aligned with real-time consent and compliance requirements while preventing unauthorized disclosure.
[0086] In an illustration, a call centre agent for marketing requests the phone number of the user for making an insurance sales call. When the agent’s API call hits a CBAC (Consent Based Access Control), the CBAC first determines who is asking for the information, what the requester’s role is, what the purpose of the request and of the data processing is, what the organization policy for data sharing with the agent is, what the data protection requirement is, whether any data retention requirements apply to the processing, and what the legal obligations are. Based on this, the CBAC looks at the consent provided by the customer whose data is being requested and the purpose for which the user has consented. The CBAC then looks at the DPIA approval for the data sharing and the protection required, proxies the data request to the database or any application that shares user information, and, once it receives the user information from the database, applies the recommended technical safeguard as per the policy, logs the reasoning and the technical safeguard applied, and shares the phone number in an encrypted or masked format with the call centre agent. The call centre agent will only get the phone number if the user has consented, and even if it is consented, the agent will only get an encrypted number, which he can share with the calling platform, which can decrypt it on the fly while making the call. Thus, the personal data of the customer is protected across the data life cycle: even if the data gets breached at the agent level, it is not a personal data breach, the customer is never called if he has withdrawn consent, and businesses can call the customer with full protection if the customer has consented for the business purpose. In another illustration, the CBAC uses a secure multi-party compute in which threshold cryptography is proposed as an option.
The consent manager or the customer manages one portion of the key in his consent wallet or consent manager, the data governance or DPO who is approving the data flow with necessary protection holds a portion of the key, and the manager approving the call centre agent to have approval to call consented users has a portion of the key. The phone number can be decrypted only when all portions of the keys are in place, including consent from the user, the DPO’s approval and the manager’s approval for using the data by the agent for a purpose. These key shares can be within one organization or across multiple organizations, say an external consent manager, an insurance company, an insurance cross selling / marketing platform and a call centre, coming together in solving the problem, which does not happen today due to the data breach risk involved. This granular control across multiple parties using secure compute to achieve consent based access control is achieved in this illustration.
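The following is an added worked example, not code from the patent or from the applicant, that walks through the CBAC decision of paragraph [0086] and the three-party key split that follows it: the request is checked against the requester's role policy, the customer's live consent state and the DPIA approval for that flow; the raw value is read only after a positive decision; the safeguard the DPIA names (encrypt or mask) is applied; the reasoning is logged; and the encrypted number can be opened by the calling platform only when the user, DPO and manager key portions are all present. The consent, role-policy, DPIA and customer records are constructed samples, the n-of-n XOR split is the "all portions required" case of the text's threshold option, and the HMAC-SHA256 keystream cipher is an illustrative stand-in for a real authenticated cipher, kept so the block runs with the standard library alone.

```python
"""CBAC with a three-party key split: the agent receives an encrypted phone number that the
calling platform can open only when the user, DPO and manager shares are all present."""
import hashlib
import hmac
import os

# Constructed consent, role-policy, DPIA-approval and customer records (assumptions, not the
# patent's data model). cust-002 has withdrawn consent.
CONSENTS = {
    "cust-001": {"active": True, "purposes": {"insurance_marketing", "analytics"}},
    "cust-002": {"active": False, "purposes": {"insurance_marketing"}},
}
ROLE_POLICY = {"call_centre_agent": {"insurance_marketing"}, "analyst": {"analytics"}}
DPIA_APPROVALS = {("insurance_marketing", "phone"): "encrypt", ("analytics", "phone"): "mask"}
CUSTOMER_DB = {"cust-001": {"phone": "+91-9876543210"}, "cust-002": {"phone": "+91-9123456789"}}


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def new_key():
    return os.urandom(32)


def split_key(key, n=3):
    """n-of-n XOR secret sharing: every share is needed, and any proper subset reveals nothing."""
    shares = [os.urandom(len(key)) for _ in range(n - 1)]
    last = key
    for s in shares:
        last = xor_bytes(last, s)
    return shares + [last]


def combine_key(shares):
    key = shares[0]
    for s in shares[1:]:
        key = xor_bytes(key, s)
    return key


def encrypt(key, plaintext):
    """Illustrative one-block keystream cipher (stand-in for an AEAD; not for production use)."""
    if len(plaintext) > 32:
        raise ValueError("illustrative cipher handles one keystream block only")
    nonce = os.urandom(16)
    return nonce + xor_bytes(plaintext, hmac.new(key, nonce, hashlib.sha256).digest())


def decrypt(key, blob):
    nonce, ct = blob[:16], blob[16:]
    return xor_bytes(ct, hmac.new(key, nonce, hashlib.sha256).digest())


def mask(value):
    """Keep only the last four characters visible."""
    return "x" * (len(value) - 4) + value[-4:]


def cbac_request(role, purpose, customer_id, field, key, log):
    """Decide on a request, proxy it to the data store, and release only a protected value."""
    reasons = []
    if purpose not in ROLE_POLICY.get(role, set()):
        reasons.append("role not permitted for this purpose")
    consent = CONSENTS.get(customer_id)
    if consent is None or not consent["active"] or purpose not in consent["purposes"]:
        reasons.append("no active consent for this purpose")
    safeguard = DPIA_APPROVALS.get((purpose, field))
    if safeguard is None:
        reasons.append("no DPIA approval for this data flow")
    if reasons:
        log.append({"customer": customer_id, "role": role, "purpose": purpose,
                    "decision": "deny", "reasons": reasons})
        return None
    raw = CUSTOMER_DB[customer_id][field]  # the only point at which the raw value is read
    protected = encrypt(key, raw.encode()) if safeguard == "encrypt" else mask(raw)
    log.append({"customer": customer_id, "role": role, "purpose": purpose,
                "decision": "allow", "safeguard": safeguard})
    return protected


def release_for_call(shares, blob):
    """Calling platform: rebuild the key from the user, DPO and manager shares, decrypt on the fly."""
    return decrypt(combine_key(shares), blob)
```

Two design points worth noting. The denial reasons are collected rather than short-circuited so that the log explains every failed condition, which is what the text's "logs the reasoning" requires of an auditable decision. The XOR split enforces that all three parties contribute; where the deployment wants any t of n approvers instead, Shamir secret sharing over a finite field is the standard replacement, and the same `release_for_call` shape applies.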
[0087] In another illustration, the CBAC creates and shares a zero knowledge use, which is an integration of the zero knowledge proof and a zero knowledge encryption. The zero knowledge use enables an entity to use and share a consented phone number of a customer with multiple downstream parties with complete control without the risk of breach, using the secure multi-party compute, the zero knowledge proof and the CBAC together in an integrated pool.
[0088] FIG. 5 (a) is a flow chart representing the steps involved in a method for unified consent-based controlled data flow in digital supply chain in accordance with an embodiment of the present disclosure. FIG. 5 (b) illustrates continued steps of the method of FIG. 5 (a) in accordance with an embodiment of the present disclosure. The method (400) includes obtaining, by utilizing a plurality of contextual parameters comprising time, source, and purpose of a consent, a user consent prior to initiation of a data collection operation in the step (405). Additionally, the method (400) includes recording, by an authorization validation, a plurality of consent in a structured data repository configured to maintain a traceable record, wherein each recorded consent entry is adapted to enable subsequent data processing activities and uniquely indexed for retrieval in course of a data access in the step (410).
[0089] Furthermore, the method (400) includes generating, by the plurality of recorded consent, a consent reference corresponding to create a distinct consent identifier adapted to represent user-specific data usage preferences, wherein the consent reference is maintained in association with a recorded consent entry to ensure a traceability across subsequent data operation in the step (415).
[0090] Moreover, the method (400) includes regulating, by controlling access, transmission, and processing of a user data within a digital supply chain environment, a data flow in accordance with the consent reference, wherein the regulated flow ensures adherence to a plurality of stored consent preferences in the step (420).
[0091] Moreover, the method (400) includes evaluating, by analysing attributes of at least one of a data category, processing purposes, and recipient entities, privacy risks prior to initiation of a data processing operation, wherein an evaluation result is adapted to identify a plurality of potential vulnerabilities associated with a corresponding mitigation measure in the step (425).
[0092] Moreover, the method (400) includes assessing, by determining an impact severity, the plurality of identified potential vulnerabilities and establishing a protection control corresponding to each of the plurality of identified vulnerabilities to govern continuation of the data processing operation in accordance with the impact severity in the step (430). Moreover, the method (400) includes analysing, by an evaluation of data-flow paths across a plurality of communicatively coupled processing environments, a plurality of exposure points associated with sensitive data in the step (435).
[0093] Moreover, the method (400) includes establishing, by defining a secure data-transfer route configured to control transmission among the communicatively coupled processing environments, a consent-based access control that prevents unauthorized access during data exchange, wherein the secure data-transfer route is defined in accordance with an assigned protection requirement based on at least one of a data-requestor role, a data-protection-impact-assessment approval, business processes, and logic in the step (440).
[0094] Moreover, the method (400) includes applying, by executing at least one of a protection technique, a plurality of privacy-preserving controls in course of a consent based access control of data handling, wherein the protection technique comprises at least one of an encryption, anonymization, secure multi-party compute, zero knowledge use and masking of the sensitive data, thereby aligning the privacy-preserving controls with an evaluated threat level to maintain a confidentiality and a regulatory compliance of the data processing operation in the step (445).
[0095] Moreover, the method (400) includes maintaining, by documenting a plurality of operational details comprising at least one of a nature, purpose, category, and recipient of a processed data, a record of processing activities, wherein the record is being stored in a retrievable format to allow a verification and audit of a data handling consistency in the step (450).
[0096] Moreover, the method (400) includes linking, by the recorded processing activity, a user-initiated request for at least one of an access, a correction, deletion, and withdrawal of the user consent, wherein each request is correlated with a predefined consent reference and an operational metadata to enable a controlled and auditable execution of a data-subject operation in the step (455). Moreover, the method (400) includes monitoring an execution of a data-deletion operation corresponding to an authorized user-initiated request and verifying an irreversible and secure erasure of associated personal data upon completion of the data-deletion operation in the step (460).
[0097] Moreover, the method (400) includes generating, by applying at least one of a mathematical, cryptographic, and computational model, verifiable compliance proofs, wherein the mathematical, cryptographic, and computational model are configured to validate an adherence of an executed data processing operation to a plurality of regulatory requirements, thereby providing an auditable evidence of conformity in the step (465).
[0098] Moreover, the method (400) includes presenting, by consolidation of at least one of consent, protection, and compliance outputs in an integrated operational interface, a unified visualization of ongoing data flow, applied safeguards, and real-time compliance verification based on a changing consent of a user in the step (470).
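The sequence of steps 405 to 470 above, as an added example that is not part of the patent and not code from PRIVASAPIEN: a small Python module that records a consent entry with its contextual parameters, derives a distinct consent reference from it, regulates each data request against that reference (purpose, recipient, expiry, withdrawal), maps an impact severity to a protection control (plain, masked, keyed pseudonym, or deny), keeps every decision in a hash-chained record of processing activities (the chronologically linked audit records of claim 7), verifies erasure after a deletion request, and emits the chain head as a recomputable compliance proof. The field names, the severity table, the HMAC key, the sample record and the 16-hex-character reference format are assumptions constructed for the example; the chain head is a plain hash commitment, not the zero-knowledge or secure multi-party techniques the text lists.

```python
"""Consent-gated data flow with a hash-chained record of processing activities (added example)."""
import hashlib
import hmac
import json
from dataclasses import dataclass

# Constructed sample data and key (example only, not real subjects or secrets).
USER_DATA = {"u1": {"name": "Asha Rao", "email": "asha@example.com", "health": "diabetic"}}
PSEUDONYM_KEY = b"example-only-hmac-key"
GENESIS = "0" * 64

@dataclass
class Consent:
    user_id: str
    purposes: frozenset      # purposes the subject agreed to
    recipients: frozenset    # recipient entities the subject agreed to
    granted_at: float        # contextual parameters: time, source
    expires_at: float
    source: str
    withdrawn: bool = False

def consent_reference(c: Consent) -> str:
    """Distinct consent identifier derived from the recorded consent attributes (steps 410-415)."""
    material = json.dumps([c.user_id, sorted(c.purposes), sorted(c.recipients), c.granted_at, c.source])
    return hashlib.sha256(material.encode()).hexdigest()[:16]

def link_digest(prev: str, event: dict) -> str:
    return hashlib.sha256((prev + json.dumps(event, sort_keys=True)).encode()).hexdigest()

class AuditChain:
    """Record of processing activities; each entry commits to its predecessor (claim 7)."""
    def __init__(self):
        self.entries = []
    def append(self, event: dict) -> str:
        prev = self.entries[-1]["digest"] if self.entries else GENESIS
        digest = link_digest(prev, event)
        self.entries.append({"prev": prev, "event": event, "digest": digest})
        return digest
    def verify(self) -> bool:
        """Recompute every link; an edited, removed or reordered entry breaks the chain."""
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or link_digest(prev, e["event"]) != e["digest"]:
                return False
            prev = e["digest"]
        return True

# Assumed impact-severity table (data category, recipient type) and the protection
# control established for each severity (steps 425-430, 445). Unknown pairs default to deny.
SEVERITY = {("name", "internal"): 0, ("name", "external"): 1, ("email", "internal"): 1,
            ("email", "external"): 2, ("health", "internal"): 2, ("health", "external"): 3}
CONTROL = {0: "plain", 1: "mask", 2: "pseudonymize", 3: "deny"}

def protect(value: str, control: str) -> str:
    if control == "plain":
        return value
    if control == "mask":
        return value[0] + "*" * (len(value) - 1)
    # keyed pseudonym: stable across requests, not reversible without PSEUDONYM_KEY
    return hmac.new(PSEUDONYM_KEY, value.encode(), "sha256").hexdigest()[:12]

class ConsentGate:
    """Regulates each data request against its consent reference and logs every decision."""
    def __init__(self):
        self.registry = {}   # consent_ref -> Consent, uniquely indexed for retrieval
        self.store = {k: dict(v) for k, v in USER_DATA.items()}
        self.audit = AuditChain()
    def record_consent(self, c: Consent) -> str:
        ref = consent_reference(c)
        self.registry[ref] = c
        self.audit.append({"op": "consent", "ref": ref, "purposes": sorted(c.purposes), "source": c.source})
        return ref
    def request(self, ref, purpose, recipient, recipient_type, fields, now):
        """Step 420: allow only what the referenced consent permits, then apply the control per field."""
        c = self.registry.get(ref)
        why = ("unknown-consent" if c is None else "withdrawn" if c.withdrawn else
               "expired" if now > c.expires_at else "purpose-mismatch" if purpose not in c.purposes
               else "recipient-not-consented" if recipient not in c.recipients else None)
        controls = {} if why else {f: CONTROL[SEVERITY.get((f, recipient_type), 3)] for f in fields}
        if why is None and "deny" in controls.values():
            why = "severity-exceeds-route"
        self.audit.append({"op": "access", "ref": ref, "purpose": purpose, "recipient": recipient,
                           "fields": list(fields), "controls": controls, "decision": why or "allow"})
        if why:
            raise PermissionError(why)   # denial is logged before it is raised
        return {f: protect(self.store[c.user_id][f], controls[f]) for f in fields}
    def erase(self, ref: str) -> bool:
        """Step 460: delete on an authorised request, withdraw the consent, verify nothing remains."""
        c = self.registry[ref]
        self.store.pop(c.user_id, None)
        c.withdrawn = True
        verified = c.user_id not in self.store
        self.audit.append({"op": "erase", "ref": ref, "verified": verified})
        return verified
    def compliance_proof(self) -> dict:
        """Step 465: chain head plus recomputed validity; anyone holding the entries can re-derive it."""
        head = self.audit.entries[-1]["digest"] if self.audit.entries else GENESIS
        return {"head": head, "entries": len(self.audit.entries), "valid": self.audit.verify()}
```

Two design points worth noting. Every decision, including a denial, is appended to the chain before the exception is raised, so the record of processing activities shows refused requests as well as served ones. The chain detects edits, deletions and reordering of existing entries, but it cannot by itself detect truncation of the most recent entries; that is why `compliance_proof()` publishes the current head, which an auditor or counterparty should retain out of band so a later chain can be checked against it.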
[0099] Various embodiments of the system and the method for unified consent-based access controlled data flow in digital supply chain described above enable various advantages. The disclosed system (100) offers several practical advantages in real-world applications by providing a comprehensive framework for consent-based data governance across digital supply chains. It ensures that user data (210) is collected only after explicit consent, capturing detailed contextual information to maintain transparency and traceability. By generating distinct consent identifiers and linking them to structured consent reference (140) records, the system (100) enables precise enforcement of the user (120) preferences across multiple interconnected processing environments. The regulated data flow (365) minimizes unauthorized access and ensures adherence to privacy requirements, while adaptive risk evaluation and protection controls (150) proactively address potential vulnerabilities (145). Secure data transfer routes (155), combined with encryption, anonymization, and masking, safeguard sensitive information during transmission. Continuous logging of processing activities allows for easy verification, auditing, and accountability, while user-initiated requests for access, correction, deletion, or withdrawal are executed efficiently and securely. Automated validation of data deletion ensures irreversibility, and compliance (165) proofs provide auditable evidence of adherence to regulatory standards. The integrated operational interface (170) consolidates consent, protection, and compliance outputs in real time, offering stakeholders a clear overview of system (100) performance. Collectively, these features optimize data privacy, operational transparency, regulatory compliance (165), and user trust, while enabling organizations to leverage data effectively and securely across their digital ecosystem.
[0100] The techniques described in this disclosure may be implemented, at least in part, in hardware, software, firmware, or any combination thereof. For example, various aspects of the described techniques may be implemented within one or more processors, including one or more microprocessors, digital signal processors (DSPs), application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), or any other equivalent integrated or discrete logic circuitry, as well as any combinations of such components. The term “processor” or “processing subsystem” may generally refer to any of the foregoing logic circuitry, alone or in combination with other logic circuitry, or any other equivalent circuitry. A control unit including hardware may also perform one or more of the techniques of this disclosure.
[0101] Such hardware, software, and firmware may be implemented within the same device or within separate devices to support the various techniques described in this disclosure. In addition, any of the described units, modules, or components may be implemented together or separately as discrete but interoperable logic devices. Depiction of different features as modules or units is intended to highlight different functional aspects and does not necessarily imply that such modules or units must be realized by separate hardware, firmware, or software components. Rather, functionality associated with one or more modules or units may be performed by separate hardware, firmware, or software components, or integrated within common or separate hardware, firmware, or software components.
[0102] It will be understood by those skilled in the art that the foregoing general description and the following detailed description are exemplary and explanatory of the disclosure and are not intended to be restrictive thereof.
[0103] While specific language has been used to describe the disclosure, any limitations arising on account of the same are not intended. As would be apparent to a person skilled in the art, various working modifications may be made to the method in order to implement the inventive concept as taught herein.
[0104] The figures and the foregoing description give examples of embodiments. Those skilled in the art will appreciate that one or more of the described elements may well be combined into a single functional element. Alternatively, certain elements may be split into multiple functional elements. Elements from one embodiment may be added to another embodiment. For example, the order of processes described herein may be changed and are not limited to the manner described herein. Moreover, the actions of any flow diagram need not be implemented in the order shown; nor do all of the acts need to be necessarily performed. Also, those acts that are not dependent on other acts may be performed in parallel with the other acts. The scope of embodiments is by no means limited by these specific examples.
Claims
WE CLAIM:
1. A system for unified consent-based access controlled data flow in digital supply chain comprising: a processor; a memory coupled to the processor, wherein the memory comprises instructions that when executed by the processor cause the processor to: obtain a user consent prior to initiation of a data collection operation, wherein the user consent is being captured in correspondence with a plurality of contextual parameters comprising time, source, and purpose of a consent; record a plurality of consent in a structured data repository configured to maintain a traceable record, wherein each recorded consent entry is adapted to enable an authorization validation for subsequent data processing activities and uniquely indexed for retrieval in course of a data access; generate a consent reference corresponding to the plurality of recorded consent by creating a distinct consent identifier adapted to represent a user-specific data usage preferences, wherein the consent reference is maintained in association with a recorded consent entry to ensure a traceability across subsequent data operation; regulate a data flow in accordance with the consent reference by controlling access, transmission, and processing of a user data within a digital supply chain environment, wherein the regulated flow ensures adherence to a plurality of stored consent preferences; evaluate privacy risks prior to initiation of a data processing operation by analysing attributes of at least one of a data category, processing purposes, and recipient entities, wherein an evaluation result is adapted to identify a plurality of potential vulnerabilities associated with a corresponding mitigation measure; assess the plurality of identified potential vulnerabilities by determining an impact severity and establish a protection control corresponding to each of the plurality of identified potential vulnerability to govern continuation of the data processing operation in accordance with the impact severity; analyse the data flow paths across a plurality of communicatively coupled processing environments to identify a plurality of exposure points associated with a sensitive data; establish a secure data transfer route configured to control transmission among the communicatively coupled processing environments, wherein the secure data transfer routes are defined in accordance with an assigned protection requirement based on at least one of a data requestor role, data protection impact assessment approval, business processes and logic to establish a consent based access control and prevent an unauthorized access in course of a data exchange; apply a plurality of privacy-preserving controls in course of a consent-based access control of data handling by executing at least one of a protection technique comprising an encryption, anonymization, secure multiparty compute, zero knowledge use and masking of the sensitive data, thereby aligning the privacy-preserving controls with an evaluated threat level to maintain a confidentiality and a regulatory compliance of the data processing operation; maintain a record of processing activities by documenting a plurality of operational details comprising at least one of a nature, purpose, category, and recipient of a processed data, wherein the record is being stored in a retrievable format to allow a verification and audit of a data handling consistency; link a user-initiated request for at least one of an access, a correction, deletion, and withdrawal of the user consent to the corresponding recorded processing activity, wherein each request is correlated with a predefined consent reference and an operational metadata to enable a controlled and auditable execution of a data-subject operation; monitor an execution of a data deletion operation corresponding to an authorized user-initiated request and verify an irreversible and secure erasure of an associated personal data upon completion of the data deletion operation; generate verifiable compliance proofs by applying at least one of a mathematical, cryptographic and computational model configured to validate an adherence of an executed data processing operation to a plurality of regulatory requirements, thereby providing an auditable evidence of conformity; and present an integrated operational interface configured to consolidate at least one of a consent, protection, and compliance outputs, thereby providing a unified visualization of the ongoing data flow, applied safeguards, and compliance verification in a real time based on a changing consent of a user.
2. The system as claimed in claim 1, to cause the processor to synchronize generation of the distinct consent identifier with a plurality of recorded consent attributes to ensure a consistent enforcement of a user-specified preferences throughout the data flow.
3. The system as claimed in claim 1, to cause the processor to facilitate a coordinated communication among distributed functional units by executing a server-hosted operation adapted to enable a scalable and bidirectional exchange of consent-related and compliance data.
4. The system as claimed in claim 1, to cause the processor to dynamically link privacy risk evaluation with threat level to adaptively modify a plurality of protection parameters in response to a real-time detection of a plurality of potential vulnerabilities.
5. The system as claimed in claim 1, to cause the processor to implement a protection technique by dynamically determining and applying a context-specific privacy-preserving control based on at least one of the data requestor’s role, the request purpose, the discovered data risk, the user’s consent, the assessment of legitimate use, applicable data-sharing policies, and a data-protection impact assessment derived from the evaluated threat level.
6. The system as claimed in claim 1, to cause the processor to correlate a user-initiated data deletion operation with the recorded processing activities and validate completion by confirming irreversible removal of the associated personal data from storage repositories.
7. The system as claimed in claim 1, to cause the processor to maintain and chain temporal audit records, wherein the temporal audit records are chronologically linked to a preceding and subsequent event, thereby establishing an immutable audit trail.
8. The system as claimed in claim 1, to cause the processor to consolidate real-time metrics of at least one of a consent status, privacy risk, and compliance validation into the integrated operational interface adapted to support analytical filtering and predictive compliance alerts.
9. The system as claimed in claim 1, to cause the processor to predict a potential non-compliance scenario utilizing an analysis of historical operational data, thereby pre-emptively adjusting the plurality of privacy-preserving controls to mitigate future regulatory deviations.
10. A method for unified consent-based access controlled data flow in digital supply chain comprising: obtaining, by utilizing a plurality of contextual parameters comprising time, source, and purpose of a consent, a user consent prior to initiation of a data collection operation; recording, by an authorization validation, a plurality of consent in a structured data repository configured to maintain a traceable record, wherein each recorded consent entry is adapted to enable subsequent data processing activities and uniquely indexed for retrieval in course of a data access; generating, by the plurality of recorded consent, a consent reference corresponding to create a distinct consent identifier adapted to represent a user-specific data usage preferences, wherein the consent reference is maintained in association with a recorded consent entry to ensure a traceability across subsequent data operation; regulating, by controlling access, transmission, and processing of a user data within a digital supply chain environment, a data flow in accordance with the consent reference, wherein the regulated flow ensures adherence to a plurality of stored consent preferences; evaluating, by analysing attributes of at least one of a data category, processing purposes, and recipient entities, privacy risks prior to initiation of a data processing operation, wherein an evaluation result is adapted to identify a plurality of potential vulnerabilities associated with a corresponding mitigation measure; assessing, by determining an impact severity, the plurality of identified potential vulnerabilities and establish a protection control corresponding to each of the plurality of identified vulnerability to govern continuation of the data processing operation in accordance with the impact severity; analysing, by an evaluation of data-flow paths across a plurality of communicatively coupled processing environments, a plurality of exposure points associated with sensitive data; establishing, by defining a secure data-transfer route configured to control transmission among the communicatively coupled processing environments, a consent-based access control and prevent unauthorized access during data exchange, wherein the secure data-transfer route is being defined in accordance with an assigned protection requirement based on at least one of a data-requestor role, a data-protection-impact-assessment approval, business processes, and logic; applying, by executing at least one of a protection technique, a plurality of privacy-preserving controls in course of a consent-based access control of data handling, wherein the protection technique comprises at least one of an encryption, anonymization, secure multi-party compute, zero knowledge use and masking of the sensitive data, thereby aligning the privacy-preserving controls with an evaluated threat level to maintain a confidentiality and a regulatory compliance of the data processing operation; maintaining, by documenting a plurality of operational details comprising at least one of a nature, purpose, category, and recipient of a processed data, a record of processing activities, wherein the record is being stored in a retrievable format to allow a verification and audit of a data handling consistency; linking, by the recorded processing activity, a user-initiated request for at least one of an access, a correction, deletion, and withdrawal of the user consent, wherein each request is correlated with a predefined consent reference and an operational metadata to enable a controlled and auditable execution of a data-subject operation; monitoring an execution of a data-deletion operation corresponding to an authorized user-initiated request and verifying an irreversible and secure erasure of associated personal data upon completion of the data-deletion operation; generating, by applying at least one of a mathematical, cryptographic and computational model, verifiable compliance proofs, wherein the mathematical, cryptographic and computational model are configured to validate an adherence of an executed data processing operation to a plurality of regulatory requirements, thereby providing an auditable evidence of conformity; and presenting, by consolidation of at least one of consent, protection, and compliance outputs in an integrated operational interface, a unified visualization of ongoing data flow, applied safeguards, and real-time compliance verification based on a changing consent of a user.