System and method for ensuring data protection and regulatory compliance

The system addresses compliance gaps in personal data collection by analyzing digital journeys, identifying PII, and ensuring compliance with data privacy laws through machine learning, thereby reducing privacy risks and optimizing data collection practices.

WO2026150334A1PCT designated stage Publication Date: 2026-07-16

Patent Information

Authority / Receiving Office
WO · WO
Patent Type
Applications
Filing Date
2026-01-09
Publication Date
2026-07-16

AI Technical Summary

Technical Problem

Existing systems fail to effectively detect compliance gaps in the collection and processing of personal data, leading to potential privacy violations and non-compliance with data privacy laws.

Method used

A system and method utilizing processors and machine learning to analyze digital journeys, identify personally identifiable information (PII), determine purposes of data collection, and detect non-compliance with privacy policies and regulations, providing recommendations for remediation.

Benefits of technology

Ensures compliance with data privacy laws by identifying and minimizing the collection of unnecessary personal data, reducing privacy risks, and enabling data fiduciaries to rectify non-compliant practices.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure IB2026050163_16072026_PF_FP_ABST
    Figure IB2026050163_16072026_PF_FP_ABST
Patent Text Reader

Abstract

A system and a method for data privacy compliance are disclosed The system is configured to receive, from a client device, information associated with a data fiduciary, the information comprising a digital offering provided by the data fiduciary, a plurality of labels corresponding to a plurality of data fields associated with the digital offering, at least one reference data privacy policy document associated with the data fiduciary, or any combination thereof. Further, system determines one or more labels of the plurality of labels used for collecting personally identifiable information (PII) based on at least one predefined criteria, and determines one or more purposes associated with the collection of the PII and a compliance of the one or more determined labels with the one or more determined purposes. Based on the determined compliance of the one or more labels, the system performs at least one action.
Need to check novelty before this filing date? Find Prior Art

Description

[0001] SYSTEM AND METHOD FOR ENSURING DATA PROTECTION AND REGULATORY COMPLIANCE

[0002] TECHNICAL FIELD

[0003]

[0001] The present disclosure relates to the field of privacy data protection. More specifically, the present disclosure relates to systems and methods for detecting compliance gap in collecting and processing personal digital information by an organization.

[0004] BACKGROUND

[0005]

[0002] Personal data is an information that may identify or provide details about an individual. The personal data may include, but not limited to, name, age, address, identity cards or certificates issued by government / non-government organizations, biometric information, medical records, family details, hobbies, interest, income details, details of movable or non-movable assets, geographic location, etc. Further, the personal data may include, but not limited to, browsing history, online purchase records, historical records of online content consumed by an individual, and other digital imprints and digital records / certificates.

[0006]

[0003] Entities and other organizations (both government or non-government) may collect and process personal data for delivering goods and services to individuals. Personal data may also be processed for providing customized services, recommendations of goods or services, and targeted advertisement. With advancement in digital communication, many goods and services are being provided through online medium, for example, vehicle or medical insurance, bank account, online sale or purchase, etc. Many applications that are installed on digital computing devices, may track and record personal data stored on the digital computing devices and online activities either to provide any customized services or to share the details with third-party. Therefore, any unchecked processing of personal information may have adverse implications on the privacy of individuals, which may impact an individual in terms of monetary loss, loss of reputation, and profiling.

[0004] Data privacy laws provide data protection framework which recognize rights of individuals and accordingly provides rules and regulations to protect personal data and process such personal data for lawful purposes. For example, Digital Personal Data Protection Act, 2023 (DPDP Act) in India applies to the processing of digital personal data within India where such data is collected online or collected offline and is digitized.

[0007] SUMMARY

[0008]

[0005] In one aspect, the present disclosure relates to a system and a method for determining compliance gaps in a digital journey (alternatively referred to as digital offering). The digital journey may include data fields for collecting personal data of a user, a privacy policy and terms and conditions for obtaining the user’s consent before collecting and processing the personal data of the user. The system performs compliance checks on the digital journey with respect to the data privacy laws, regulations, policies, and guidelines. The system may process one or more data fields provided in the digital journey to identify the data fields that may be categorized as personally identifiable information (PII). Further, the system may process the privacy policy and the terms and condition documents to determine the purpose of the collecting PIIs. Based on the detected PIIs and the purpose for collecting the information, the system may generate a description for the PIIs along with the purpose for collecting and processing the PIIs according to the digital privacy laws.

[0009]

[0006] In another aspect, a system for data privacy compliance is disclosed. The system comprising one or more processors and a memory for storing instructions that, when executed by the one or more processors, cause the one or more processors to receive, from a client device, information associated with a data fiduciary, the information comprising a digital offering provided by the data fiduciary, a plurality of labels corresponding to a plurality of data fields associated with the digital offering, at least one reference data privacy policy document associated with the data fiduciary, or any combination thereof. Further, the one or more processors determine one or more labels of the plurality of labels used forcollecting personally identifiable information (PII) based on at least one predefined criteria, and determine, using machine learning, one or more purposes associated with the collection of the PII and a compliance of the one or more determined labels with the one or more determined purposes based on the received digital offering, the reference data privacy policy document, at least one data privacy regulation, or any combination thereof. Based on the determined compliance of the one or more labels, the one or more processors perform at least one action.

[0010]

[0007] In another aspect, a method for data privacy compliance is disclosed. The method may be implemented by the system and comprises receiving information associated with the data fiduciary, determining one or more labels of the plurality of labels used for collecting PII based on the at least one predefined criteria, determining the one or more purposes associated with the collection of the PII and the compliance of the one or more determined labels with the one or more determined purposes based on the received digital offering, the reference data privacy policy document, the at least one data privacy regulation, or any combination thereof, and performing at least one action based on the determined compliance of the one or more labels.

[0011]

[0008] In accordance with an example implementation, the system may analyze the privacy policy and terms and conditions documents to identify the sentence(s) that may not comply with the digital privacy laws for processing the personal data may be referred to a dark pattem(s).

[0012]

[0009] Numerous advantages and benefits of the inventive subject matter disclosed herein will become apparent to those of ordinary skill in the art upon reading and understanding the present specification. It is to be understood, however, that the detailed description of the various embodiments and specific examples, while indicating preferred and / or other embodiments, are given by way of illustration and not limitation. Many changes and modifications within the scope of the present disclosure may be made without departing from the spirit thereof, and the disclosure includes all such modifications.BRIEF DESCRIPTION OF THE DRAWINGS

[0013]

[0010] FIG. 1 is an exemplary illustration of a system for detecting compliance in collecting and processing personal data, in accordance with some embodiments of the present disclosure;

[0014] [OH] FIG. 2 is an exemplary illustration of an environment for detecting compliance in collecting and processing of personal data, in accordance with some embodiments of the present disclosure;

[0015]

[0012] FIG. 3 is an exemplary illustration of a block diagram of the environment of FIG. 2, in accordance with some embodiments of the present disclosure;

[0016]

[0013] FIG. 4A is an exemplary flow chart of a method for identifying personally identifiable information (PII) data filed, in accordance with some embodiments of the present disclosure;

[0017]

[0014] FIG. 4B is an exemplary table indicating data fields identified for collecting PII according to the method of FIG. 4 A, in accordance with some embodiments of the present disclosure;

[0018]

[0015] FIG. 5A is an exemplary flow chart of a method for determining a purpose of collecting personal data, in accordance with some embodiments of the present disclosure;

[0019]

[0016] FIG. 5B is an exemplary illustration of purpose determined for collecting personal data by the system of FIG. 1, in accordance with some embodiments of the present disclosure;

[0020]

[0017] FIG. 5C is an exemplary illustration of recommendation(s) provided by the system of FIG.1 based on review of reference data privacy policy document(s), in accordance with some embodiments of the present disclosure;

[0021]

[0018] FIG. 6 is an exemplary flow chart of a method for analyzing the identified PII data filed in Fig. 4 with respect to the purpose determined in Fig. 5, in accordance with some embodiments of the present disclosure;

[0022]

[0019] FIG. 7 is an exemplary flow chart of a method for determining non-compliance of privacy policy and terms and condition documents with respect to data privacy law(s), in accordance with some embodiments of the present disclosure;

[0020] FIG. 8 is an exemplary illustration of an entity relationship diagram for a digital journey analyzed by the system of FIG. 1, in accordance with some embodiments of the present disclosure;

[0023]

[0021] FIG. 9 illustrates a first user interface of a tracking module at a client device for detecting one or more data fields associated with the digital journey, in accordance with some embodiments of the present disclosure;

[0024]

[0022] FIG. 10A illustrates a second user interface of a tracking module at the client device displaying details of detected data fields and scripts tacking the data fields, in accordance with some embodiments of the present disclosure;

[0025]

[0023] FIG. 10B illustrates a table indicating the scripts identified for tracking the data fields during the digital journey by the system of FIG. 1, in accordance with some embodiments of the present disclosure;

[0026]

[0024] FIG. 11 is an exemplary illustration of a tracking module application for recording data fields populated on the client device for completing the digital journey in the environment of FIG. 2, in accordance with some embodiments of the present disclosure;

[0027]

[0025] FIG. 12A and FIG. 12B are exemplary illustrations of a compliance analysis generated by the system of FIG. 1, in accordance with some embodiments of the present disclosure;

[0028]

[0026] FIG. 13 A is an exemplary illustration of PII data fields detected by the system of FIG. 1, in accordance with some embodiments of the present disclosure;

[0029]

[0027] FIG. 13B and 13C are exemplary illustrations of adding a PII data field to the PII data fields detected by the system of FIG. 1, in accordance with some embodiments of the present disclosure;

[0030]

[0028] FIGS. 14, 15 A, and 15B are exemplary illustrations of non-compliance sentences detected in privacy policy of the digital journey by the system of FIG. 1, in accordance with some embodiments of the present disclosure;

[0031]

[0029] Fig. 16 illustrates a method for data privacy compliance implemented by the system of FIG. 1, in accordance with some embodiments of the present disclosure.DETAILED DESCRIPTION

[0032]

[0030] FIG. 1 provides an exemplary illustration of a system 100 for detecting compliance in collecting and processing personal data, in accordance with some embodiments of the present disclosure. The system 100 may include a processor 102, a memory 104, and an input / out interface (I / O interface) 106, and a communication bus 108. The processor 102 may be coupled to the memory 104 and the input / out interface 106 through the communication bus 108. The processor 102 may refer to one or more devices, circuits, and / or processing cores configured to process data. The memory 102 is configured to store instructions, program codes, and data which may be read, written, or fetched by the processor 102 for processing. The input / output interface 106 may include, but not limited to peripheral devices and communication interface(s) for establishing wireless or wired network connection with external network devices, components, servers, or computing system(s).

[0033]

[0031] In some embodiments, the system 100 may include one or more processors and may be implemented as a distributed computing system.

[0034]

[0032] FIG. 2 is an exemplary illustration of an environment 200 for detecting compliance in collecting and processing personal data, in accordance with some embodiments of the present disclosure. As shown in the FIG. 2, the environment 200 may include the system 100 and a client device 202. The system 100 and the client device 202 may be communicatively coupled over a network for transmitting and receiving data. The network may include communication networks such as, but not limited to, a Local Area Network (LAN), a Wireless Local Area Network (WLAN), a Wide Area Network (WAN), internet, a Small Area Network (SAN), and the Internet. The system 100 may be communicatively coupled to a personally identifiable information (PII) module 110, a purpose identification module 112, a notice generation module 114, and a dark pattern identification module 116.

[0035]

[0033] The client device 202 may be a computing device, including, but not limited to, a desktop, a laptop, a tablet, a smart phone, or any electronic device having a combination of a central processing unit, a display device, and input / output units. Accordingly, the client device 202 may implement the functionality ofpreviously described computing device(s) along with capabilities to communicate over wired or wireless networks. The client device 202 may be operated by a user. The client device 202 may facilitate the user to access multiple services provided over the network or internet. The multiple services may be provided through web browsers or through dedicated applications and may include, but not be limited to, insurance, banking, trading, finance, e-commerce, e-filing(s), rental, sale, purchase, online booking, online ordering, social media, online subscriptions, etc. Such services may require registration of the user with the service provider(s) and the service provider(s) may collect personal data of the user at one or more instance when the user access these services through the client device 202.

[0036]

[0034] For example, the banking services may include application for savings bank account, credit card, home loan, vehicle loan, personal loan, or current account opening. The insurance services may include health insurance or vehicle insurance. E-commerce services may include user registration or merchant registration. Healthcare services may include registering for health monitoring applications, booking consultations with a doctor, or medicine delivery. The service providers may process the personal data in order to authenticate the user or to provide extended / customized services to the user. The service provider(s) hereinafter referred to as data fiduciary.

[0037]

[0035] The system 100 may determine and detect compliance in collecting and processing personal data by data fiduciary. In some embodiments, the system 100 assists the data fiduciary to inspect compliance in collecting and processing of the personal data by the data fiduciary according to the digital privacy laws. The client device 202 may gather information about the personal data collected by the data fiduciary from the user. The system 100 may receive, from the client device 202, details about the personal information collected by the data fiduciary, privacy policy of the data fiduciary, and terms and conditions of the data fiduciary that may has been accepted and approved by the user before providing the personal data to the data fiduciary via the browser, user interface, or web application of the data fiduciary through the client device 202.

[0036] FIG. 3 is an exemplary illustration of a block diagram of the environment 200 of FIG. 2, in accordance with some embodiments of the present disclosure. The client device 202 may have a tracking module 204 (for example, a plugin) which gathers all the information provided by the user through the client device 202 to one or more services i.e. digital offering. The tracking module 204 at the client device 202 may operate in background as the user navigate a digital journey (i.e. user provides necessary details in a web page / user interface / web application). The digital journey or digital offering may be a combination of one or more web pages / user interface(s) / application(s) which provide a procedure for the user on the client device 202 to follow for availing the service provided by the data fiduciary. The user interfaces may have data fields for collecting data from the user. For example, the digital journey may include, but not limited to, registering for a bank account, applying for insurance, or creating a personal profile for accessing one or more services. During the digital journey, the client device 202 via the tracking module 204 may monitor the data fields used to collect personal data, provided to the client device 202 by the user. The user provides details in the data fields provided at one or more web pages / user interface / application(s) of the data fiduciary.

[0038]

[0037] The tracking module 204 identifies input data fields and labels associated with the identified input data fields, such as, but not limited to, name, address, age, family, medical history, passport number, driving license, personal identification number, education, e-mail address, contact number, mobile number, etc. The identified input data field may be referred to as data fields hereinafter. The data fields are indicative of collecting personal information present in the digital journey. The tracking module 204 may extract details about the identified data fields and may not extract the personal information received from the user with respect to the data field. Further, the tracking module 204 may obtain a privacy policy document of the data fiduciary or terms and conditions document of the data fiduciary. In some embodiments, the client device 202 may transmit the extracted data fields, privacy policy documents, and terms and condition documents to the system 100.

[0038] In some embodiments, the tracking module 204 may download the privacy policy document and the terms and conditions document from a website link of the data fiduciary provided by the user. In another embodiment, the user may upload the privacy policy document and the terms and conditions document with respect to the digital journey at an interface provided by the tracking module 204 on the client device 202. FIG. 11 is an exemplary illustration of the tracking module 204 for monitoring data fields populated on the client device 202 for completing the digital journey in the environment 200, in accordance with some embodiments of the present disclosure. An interface 1100 having a first panel 1105 for collecting personal data and relevant documents related to PAN number and name is illustrated in FIG. 11. Further, the interface 1100 has a second panel 1110 for displaying instances of personal data collected from the user during the digital journey so far.

[0039]

[0039] Further, the system 100 may receive additional information with respect to the digital journey being monitored by the client device 202. The additional information may include, but not limited to, industry details and purpose for which the user details have been collected by the data fiduciary. The industry details may include the field(s) in which the service is provided to the user, for example, but not limited to, banking, e-commerce, finance, insurance, automobile, etc. FIG. 9 illustrates a first user interface 900 of the tracking module 204 at the client device 202 for detecting one or more data fields associated with the digital journey, in accordance with some embodiments of the present disclosure. The first interface 900 provides data fields for receiving details like industry name and business process from the user. For example, the industry name may be banking, and business process may be an account opening.

[0040]

[0040] In some embodiments, the client device 202 via the tracking module 204 monitor network requests, script execution, cookies, and API (Application Program Interface) calls which executes as the user interacts with the digital offering. FIG.

[0041] 10A illustrates a second user interface 1000-1 of the tracking module 204 at the client device 202 displaying details of detected data fields and scripts tracking the data fields, in accordance with some embodiments of the present disclosure.

[0041] In an example implementation, an electronic device, for example the client device 202, includes a processor and a memory storing instructions that, when executed by the processor, cause the processor to determine a plurality of labels corresponding to a plurality of data fields associated with the digital offering and send, to a server such as the system 100, information associated with the data fiduciary. The information includes a digital offering provided by the data fiduciary, the plurality of labels, at least one reference data privacy policy document associated with the data fiduciary, or any combination thereof. Further electronic receive from the server receive recommendation for a consent for a label of the one or more labels, recommendation of removal of a data field from the digital offering corresponding to a label of the one or more labels, or a user consent generated corresponding to a label of the one or more labels.

[0042]

[0042] In an example implementation, the one or more processors receive from the client device 202, information associated with the data fiduciary. The information may include a digital offering provided by the data fiduciary, a plurality of labels corresponding to a plurality of data fields associated with the digital offering, at least one reference data privacy policy document associated with the data fiduciary, or any combination thereof. The digital offering may alternative referred to as digital journey herein after. Further, the one or more processors determine one or more labels of the plurality of labels used for collecting personally identifiable information (PII) based on at least one predefined criteria, determine one or more purposes associated with the collection of the PII and a compliance of the one or more determined labels with the one or more determined purposes based on the received digital offering, the reference data privacy policy document, at least one data privacy regulation, or any combination thereof, and perform at least one action based on the determined compliance of the one or more labels.

[0043]

[0043] In some embodiments, the privacy policy is uploaded or fetched once and stored in the repository 120. Therefore, subsequently inspected digital journeys / offerings reference the existing privacy policy and prevent uploading of independent copies multiple times. As a result, consistency of legal interpretationis maintained across multiple digital journeys and versions for the same data fiduciary.

[0044]

[0044] In some embodiments, the at least one action may include associating a flag with a label of the one or more labels. The flag may indicate non-compliance in collection or processing of PII. Further, the at least one action may include recommending a consent for a label of the one or more labels, recommending removal of a data field from the digital offering corresponding to a label of the one or more labels, or generating a user consent corresponding to a label of the one or more labels.

[0045]

[0045] In another example implementation, the predefined criteria for determining the one or more labels of the plurality of labels used for collecting PII may include string comparison. The one or more processors perform string comparison of each label of the plurality of labels with the predefined labels indicating PII, determine a label as corresponding to one of PIIs when the label matches with the predefined labels. In an alternate embodiment, the one or more processors determine the one or more labels artificial intelligence (Al). The one or more processors remove special characters, if any, from each label of the plurality of labels to obtain a cleansed text for each label of the plurality of labels, tokenize the cleansed text for each label of the plurality of labels into tokens, encodes the tokens to generate respective embeddings for each label of the plurality of labels , using a transformer encoder, and predict a PII class for the embeddings.

[0046]

[0046] Further, the receive information by the one or more processors from the client device 202 may include information of third-party scripts tracking the digital offering. Based on the information of the third-party scripts, the one or more processors determine one or more cookies monitoring the one or more data fields in the digital offering at the client device from the received information, and determine the third-party data recipients and location of the third-party recipients based on the network destination present in the third-party scripts. Accordingly, the at least one action may also include providing, to the client device 202, the number third-party scripts and a list of labels corresponding to the data fields tracked by the at least one third-party script at the client device 202.

[0047] In another example implementation, the one or more processors map the determined one or more labels to the one or more determined purposes and determine for each label of the one or more labels whether collection and processing of PII is in compliance with the data privacy regulation based on the mapping of the one or more labels.

[0047]

[0048] In another example implementation, the one or more processors create one or more groups of the one or more purposes, wherein at least two purposes of the one or more purposes are associated to form a group, map the determined one or more labels to the one or more groups of the one or more purposes, determine for each label of the one or more labels whether collection and processing of PII is in compliance with the data privacy law based on the mapping of the one or more labels to the one or more groups of the one or more purposes.

[0048]

[0049] In another example implementation, the one or more processors determine a PII class for each label of the one or more labels and categorize each label from the one or more labels as sensitive data and non-sensitive data based on the determined PII class. The PII class are the attributes of personal data like name, address, age, family, medical history, passport number, driving license, personal identification number, education, e-mail address, contact number, etc.

[0049]

[0050] In another example implementation, the one or more processors detect one or more non-compliance instances in the at least one reference data privacy policy document based on the at least one data privacy regulation, assign a score to the at least one privacy policy document based on the detected one or more non-compliant instances, and generate a recommendation for the one or more non-compliance instances. The recommendation may include at least one reason for non-compliance in accordance with relevant section or requirement described in the corresponding the data privacy regulation(s).

[0050]

[0051] In another example implementation, the one or more processors store collated information for the digital offering including the plurality of labels corresponding to the detected data fields, the determined one or more purposes, the detected non-compliant instances, the at least one action, and the compliance score in the repository 120. Further, the one or more processors compare the currentdigital offering with previously analyzed digital offer of same domain. The comparison may be performed by matching the one or more determined labels of the current digital offering with the one or more determined labels of another digital offering previously stored in the repository. For comparison, the current digital offering and another digital offering may correspond to analogous business processes, such as both may related to account opening with a bank. Based on the comparison, the one or more processors may identify labels which are nonessential for the current digital offering. Accordingly, the present subject may reduce the collection of PIIs for the digital offering.

[0051]

[0052] In another example implementation, the one or more processors determine the one or more purposes by retrieving at least one data privacy regulation corresponding to the received information associated with the data fiduciary, determine an industry context for the digital offering, the industry context comprises at least one procedure, at least one process, at least one permission, or any combination thereof for PII utilization, and obtain the one or more purposes by evaluating the at least one reference privacy policy document with respect to the determined industry context.

[0052]

[0053] Referring to FIG. 3, the system 100 forwards the information received from the client device 202, with respect to the digital journey / offering of the data fiduciary, to the PII module 110 and the purpose identification module 112.

[0053]

[0054] In some embodiments, the PII module 110 may be a server in the distributed computing system. In another embodiment, the PII module 110 may be an application provided in the system 100 and executed by the processor 102. The PII module 110 may receive all the detected data field(s) from the system 100. The PII module may identify one or more data fields from the detected data fields as personally identifiable information (PII) and categorizes them as sensitive and nonsensitive. The PII may include, but not limited to, name, family details, citizenship number (e.g. Unique Identification Authority of India (UIDAI) number), tax payment number (e.g. permanent account number), social security number, passport details, driving license details, insurance policies, mobile number, voter identification (ID), employment details, personal address, medical history, bankaccount details, credit card details, nominations, personal asset details, any ID issued by professional associations like, medical association, bar council, chartered accountants, or large associations, digital certificates, digitized documents related to movable and non -movable assets, etc. The PII module 110 may provide the details of the one or more data fields identified as PII and categorized as sensitive and non-sensitive to the system 100. The sensitive PII refers to personal data that, if disclosed or misused, may cause significant harm to an individual, such as identity theft, financial loss, or reputational damage. Examples of sensitive PII may include government-issued identifiers (Unique Identification Number / Social Security Number, Passport details, Driving license details), Financial information (Bank account details, Credit card details, Insurance policy numbers), Biometric and health data (Fingerprints, facial recognition data, Medical history and health records), Personal asset details, digital certificates and digitized property documents. Non-Sensitive PII may refer to personal data that may cause harm less severe than the sensitive PII, if disclosed, but still requires protection under privacy regulations. Examples of non-sensitive PII may include identity details (like First name, middle name, last name, Date of birth, Gender), Contact information (like Email address, Mobile number, Residential address), personal details (Education details, Employment details, Family details, Hobbies and interests). In some embodiments, the PII module 110 may transfer the details of the one or more data fields to the notice generation module 114.

[0054]

[0055] The purpose identification module 112 may determine the purpose for processing personal data by analyzing the identified data fields, privacy policy document, and terms and conditions document with respect to the data privacy laws (such as Digital Personal Data Protection Act, 2023). Further, purpose identification module 112 may further evaluate the purpose for processing personal data with respect to relevant sectoral regulations, based on the industry detail received by the system 100 for the digital journey. The purpose identification module 112 may implement machine learning techniques for determining the purpose. The purpose identification module 112 model may be trained for one or more data privacy laws. The purpose identification module 112 may verify whether the PIIs are processedaccording to the data privacy laws and may verify whether the privacy policy and the terms and conditions of the data fiduciary meet the requirements of the data privacy laws. In some embodiments, the purpose identification module 112 may be implemented as a server. In other embodiments, the purpose identification module 112 may be implemented as an application in the system 100 and executed by the processor 102. The purpose identification module 112 may provide the determined purpose for collecting personal data during the digital journey to the system 100. In some embodiments, the purpose identification module 112 may transfer the determined purpose to the notice generation module 114.

[0055]

[0056] The purpose identification module 112 may be trained using a machine learning model to determine the purpose of collecting personal data from privacy policy documents, terms and conditions, industry-specific context and regulations or any combination thereof. The training dataset may include privacy policy documents, terms documents from multiple industries (banking, insurance, e-commerce, healthcare, etc.), annotated purposes for each document (e.g., identity verification, communication, marketing, fraud prevention), and industry-specific regulations and guidelines (e.g., DPDP Act, GDPR).

[0056]

[0057] In some embodiments, the purpose identification module 112 may be trained using supervised learning where the model learnt from labeled data where each privacy policy or clause is annotated with its corresponding purpose (e.g., identity verification, marketing). Examples of the supervised machine learning technique may include logistic regression for text classification tasks, random forest / gradient boosting for structured features combined with text embeddings, and deep learning for fine-tune models like BERT or RoBERTa for purpose prediction.

[0057]

[0058] In some embodiments, the purpose identification module 112 may be trained using unsupervised learning where similar sentences or clauses were grouped without predefined labels. Examples of the unsupervised machine learning technique may include clustering (K -Means) for grouping similar purposes based on embeddings or topic modeling for identifying latent topics in privacy policies that correspond to purposes.

[0059] Further, in some embodiments, the purpose identification module 112 may be trained using semi -supervised learning where a small labeled dataset is combined with a large unlabeled dataset.

[0058]

[0060] The notice generation module 114 may receive the details of the one or more data fields identified as PII and categorized as sensitive and non-sensitive and the determined purpose for collecting personal data during the digital journey from the system 100 or from the PII module 110 and the purpose identification module 112, respectively. The notice generation module 114 may generate a mapping between the purpose and the identified PII(s) and may generate a consent report. The consent report may include the mapping and may indicate whether the collection and processing of detected PIIs during the digital journey adhere to legal requirement(s) as provided under the data privacy law(s) and the sectoral regulation(s). The mapping may include a list of all the data fields identified as PII and the purpose illustrating at least one reason to capture the PII from the user. Further, the mapping indicates whether the PII in the digital journey is mandatory or non-mandatory information for the user to complete the digital journey. The notice generation module 114 may transmit the consent report to the system 100.

[0059]

[0061] The dark pattern identification module 116 may receive the data fiduciary's privacy policy and terms and conditions documents from the system 100. The dark pattern identification module 116 may analyze the privacy policy and terms and conditions documents and may determine instances of non-compliances as per the data privacy laws. The dark pattern identification module 116 may generate a summary for each of the non-compliance instances. The non-compliance instances may be non-compliance statements present in the privacy policy and the terms and condition documents. The dark pattern identification module 116 may be trained using LLM (large language model) to identify non-compliance statements in the privacy policy and terms and conditions documents. The dark pattern identification module 116 may provide a compliance score to the privacy policy and the terms and conditions documents based on the non-compliance instance(s). The dark pattern identification module 116 may transmit the determined instances of non-compliances, summary for each of the instances of non-compliances, andcompliance score to the system 100. In some embodiments, the dark pattern identification module 116 may be implemented as a server. In other embodiments, dark pattern identification module 116 may be implemented as an application in the system 100 and executed by the processor 102.

[0060]

[0062] The system 100 receives the data field(s) identified as PII from the PII module 110, the purpose for the collecting and processing the personal data for each detected PII from the purpose identification module 112, the consent report from the notice generation module 114, and details of non-compliance instances along with summary for each of the instances of non-compliances, and compliance score for the privacy policy and the terms and conditions documents from the dark pattern identification module 116. The system 100 may collate the information received from the PII module 110, the purpose identification module 112, the notice generation module 114, and the dark pattern identification module 116 for each digital journey inspected by the system 100. The system 100 may maintain a repository 120 for storing the collated information for each digital journey. The repository 120 may be a database for storing and retrieving data. The repository 120 may be a combination of one or more physical storage volume communicative coupled to the system 100. In some embodiments, the repository 120 may be provided as Database as service (DBaaS) over a cloud architecture.

[0061]

[0063] Further, referring to Fig. 2 and Fig. 3, the system 100 may be communicative coupled to a comparison module 118. The comparison module 118 may compare a first digital journey stored in the repository 120 with a second digital journey where the first and the second digital journeys may belong to similar industry. Based on the comparison of the digital journeys, the comparison module 118 may generate a comparison report on PII utilization based on the comparison. The comparison module 118 may identify necessary PII required in the industry based on comparison to minimize unnecessary collection of personal data. The comparison module 118 may perform a comparison of the PIIs detected between the first and the second digital journeys, purposes of processing the PII, and compliance scores provided to the two digital journeys and generates a comparisonreport. The comparison module 118 may transmit the comparison report to the system 100. The system 100 may store the comparison report in the repository 120.

[0062]

[0064] In some embodiments, the system 100 communicates with the PII module 110, the purpose identification module 112, the notice generation module 114, the dark pattern identification module 116, and the comparison module 118 over message exchange services, for example, but not limited to RabbitMQ (RMQ) or REST (Representational State Transfer) messaging, as illustrated in Fig. 2.

[0063]

[0065] Further, the PII module 110 and the purpose identification module 112 may include artificial trained models and the responses from both the PII module 110 and the purpose identification module 112 are processed by the notice generation module 114, wherein the identified PII fields are mapped with purposes of data collection which can be implemented with the help of taxonomy.

[0064]

[0066] Further, the dark pattern identification module 116 may identify non-compliance statements present in the privacy policy and terms & condition documents with respect to data privacy laws.

[0065] INDUSTRIAL APPLICABILITY

[0066]

[0067] The system 100 is configured to provide collated information based on the inspection performed on the digital journey along with the privacy policy and terms and conditions documents of the data fiduciary to the client device 202. The collated information includes a detailed analysis of the digital journey of the data fiduciary with respect to collection and processing of PII. The collated information indicates compliance gap(s) and instances of non-compliances of the digital journey with respect to the data privacy laws. The user may be the data fiduciary. As a result, the data fiduciary may be able to rectify the non-compliance statements in the privacy policy and terms and condition documents. Further, the system 100 may allow the data fiduciary to reduce the number PII being collected from the user. Further, the system 100 may further suggest relevant PII based on the comparison report and prevent collection of excess PIIs or irrelevant PIIs. As a result, the system 100 may enable the data fiduciary to ensure that websites and web applications comply with data privacy policies / laws / regulations, by accessing data collection forms, privacypolicies, and terms and conditions documents. Further, the system 100 may evaluate mobile applications for compliance with data protection regulations, including the analysis of data collection practices and consent notices. FIG. 12A and FIG. 12B are exemplary illustrations of a compliance analysis generated by the system 100, in accordance with some embodiments of the present disclosure. Referring to FIG.

[0067] 12A, a first summary interface 1200 provides a plurality of interfaces 1205-1 to 1205-6 provides details of analysis performed on the digital offering. The plurality of interface may include total number of data fields detected 1205-1, PII data 1205-2, instances of non-compliance 1205-3, compliance score 1205-1, details on non-compliance in the privacy policy document 1205-5, and details of non-compliance in terms and conditions document 1205-6. Further, referring to FIG. 12B, a second summary interface 1210. The second summary interface may additionally provide details of script detected in the digital offering. The details of the script include a number of first party scripts and the third-party scripts, and the data transfer to one or more jurisdictions based on the network requests.

[0068]

[0068] FIG. 10B illustrates a table 1000-2 indicating the scripts identified for tracking the data fields during the digital journey by the system 100 of FIG. 1, in accordance with some embodiments of the present disclosure. The table 1000 provides a detailed inventory of scripts and cookies observed during the tracking of digital offering / journey. Scripts are listed with attributes such as domain, vendor, category, and whether they are first-party or third-party. Cookies are classified with purpose for example, marketing, analytics, functional, etc. Each of the detected script may be mapped to one or more data field which are monitored or accessed by the script to determine the flow of data from user inputs to third-party code.

[0069]

[0069] Further, the system 100 maps the detected data fields to the identified scripts and identify the resulting data flows and also determine undisclosed processors or jurisdictions from these flows. Thus, the system 100 may directly supports automated detection of undisclosed processors and sub-processors, foreign data transfers, access of scripts to sensitive data fields, and vulnerable or high-risk third-party code.

[0070] FIG. 4 is an exemplary flow chart of a method 400 for identifying personally identifiable information (PII) data filed, in accordance with some embodiments of the present disclosure. The method 400 may be implemented by the PII module 110. The PII module 110 may receive data field text or data field images from the system 100 at step 402. The data field text includes data fields extracted by the tracking module 204 from the digital journey. The data field images are the captured screen of the digital journey which includes input data fields for collecting personal information of the user. The data field images are preprocessed by the PII module 110 by performing image to text conversion of the labels associated with the data fields. The data field text received at step 402 may be referred to as raw label data field. In some embodiments, the PII module 110 may compare each of the received raw label data fields with predefined data fields. The PII module 110 may perform a string similarity comparison at step 404 for each of the received raw label data fields with respect to the predefined data fields to identify raw label data field as PII data field. The identified PII data field(s), at step 404, may be provided to the system 100 at step 406.

[0070]

[0071] In some embodiments, the PII module 110, at step 408, may cleanse the raw label data fields by removing special characters like, but not limited to, slashes 7’, asterisk exclamation T, hash ‘#’, plus ‘+’, colon etc. and generates a cleansed text for the data field free of special characters. For example, a raw label data field for date of birth may be indicated by DOB (DD:YY:MM). Therefore, the PII module 110 may remove the special characters parenthesis “(” and colon from raw data field text and the cleansed data filed text may be DOB DDYYMM. Thereafter, at step 410, the PII module 100 provides the cleansed data field text to a tokenizer which breaks down the cleansed data filed text into smaller units called tokens. Each word in the cleansed data field text may be converted into a token. Each of the tokens may be assigned a unique identification. The unique identification may be a number. The tokenizer splits a text into tokens. Tokens can be words, subwords, or even characters depending on the tokenizer type. For example: when an input text is "Date of Birth", corresponding tokens may be "Date", "of, "Birth" at word-level or "Da", "te", "of, "Bir", "th" at subword-level.Each of the tokens is converted into indentifiers by mapped to unique identification using a vocabulary. At step 412, the PII module 110 may convert the unique identifications (i.e. numbers) corresponding to the tokens into embeddings by implementing a transformer encoder. Further, at step 414, the PII module 110 may implement a Siamese model to predict a respective PII class for the encoded tokens. At step 416, a label may be identified as collecting PII. In some embodiments, the Siamese model may be a pretrained neural network (SNN) that computes similarity functions to determine whether the encoded token, obtained by processing the raw label data field, is similar to predefined PII data field(s). Accordingly, the PII module 110 may categorize the one or more identified input data fields from the digital journey as PII data fields.

[0071]

[0072] A Siamese network consists of two (or more) identical subnetworks that share the same weights. Each subnetwork processes one input and outputs an embedding (vector representation). The embeddings are then compared using a similarity function (e.g., cosine similarity, Euclidean distance). The network learns to minimize the distance for similar pairs and maximize it for dissimilar pairs. Accordingly, to determine if a label (e.g., "DOB", "PAN") is similar to predefined PII classes, the Siamese model encodes the input label and the reference PII class into embeddings, computes similarity score, and predicts whether the label belongs to a PII category.

[0072]

[0073] FIG. 4B is an exemplary table 420 indicating data fields identified for collecting PII according to the method of FIG. 4A, in accordance with some embodiments of the present disclosure. Each row in the table 420 represents a field and includes attributes such as input type, whether it is personal data, the personal data category, sensitivity classification, masking status, consent linkage, and associated business process. The table 420 enables fine-grained governance of data collection, enables minimization of PII, and ensures that each data field has an explicit legal basis and purpose.

[0073]

[0074] FIG. 5A is an exemplary flow chart of a method 500 for determining a purpose of collecting personal data, in accordance with some embodiments of the present disclosure. The method 500 may be implemented by the purposeidentification module 112. At step 502, the purpose identification module 112 may receive the industry detail and journey title from the system 100. At step 504, the purpose identification module 112 may extract industry specific regulations, laws or policies at step 504 though a content retriever. The content retriever may access a context database at step 506 to obtain industry specific regulations, laws or policies. The context databased may store guidelines, laws, rules, policies, and regulations of one or more countries and international treaties with respect to digital privacy and digital data processing and utilization. The purpose identification module 112 may create a context based on the industry specific regulations, laws or policies. The context may indicate procedure(s), process(es), and permissions for utilizing the personal data obtained from the user for one or more services. For example, the context may include, but not limited to, identity verification, address verification, verification of educational qualification, etc.

[0074]

[0075] Further, the purpose identification module 112 may receive the privacy policy document from the system 100 at step 508. The purpose identification module 112 may analyze the privacy policy document with respect to the context determined by the purpose identification module 112 at step 510 and may obtain one or more purposes of collecting personal data based on the privacy policy of the data fiduciary at step 512. In some embodiments, the purpose identification module 112 may implement large language model (LLM) to determine the purpose. The training of the purpose identification module 112 using LLM and the training corpus may include privacy policies and terms & conditions documents of multiple industries (banking, insurance, e-commerce, healthcare, etc.). These documents are preprocessed and fed into the model to learn domain-specific semantics relevant to personal data utilization.

[0075]

[0076] by providing privacy policies and terms and conditions from multiple industries (banking, insurance, e-commerce, healthcare), annotate purposes for each clause (e.g., identity verification, marketing, fraud prevention), and industryspecific regulations (DPDP Act, GDPR) for context.

[0076]

[0077] The LLM may evaluate the privacy policy with respect to context and may determine the purpose for collecting the personal data based on the context.During execution, the LLM receives industry detail and journey title for the digital offering and the applicable privacy policy document(s), enabling contextual evaluation aligned to sectoral requirements.

[0077]

[0078] The LLM may have self-correction loop to improve during training and increase the predication performed by LLM. A training data set may be provided to the LLM. The trained data set may include samples of pre-identified purposes, privacy documents, the context related to specific industry. The self-correction loop may compare the purpose predicted by the LLM for the sample privacy documents with respect the pre-identified purpose and may provide feedback indicating an error or variances between the predicted purpose and the pre-identified purpose.

[0078]

[0079] The one or more purposes obtained at step 512 may be further processed to obtain one or more groups of purposes at step 518. For example, a mobile number may be collected for calling, messaging, and one time password (OTP) verification. Therefore, the purpose identification module 112 may combine the two purposes for collecting mobile numbers. The one or more purposes may indicate specific reasons (minor purpose) for collecting data and the one or more purposes may be grouped based on larger purpose (major purpose) like communication, verification, marketing, etc. The purpose identification module 112 may obtain a context for the one or more purposes at step 514. The context at step 514 may indicate the personal data required for addressing the one or more purposes. At step 516, the purpose identification module 112 may map the one or more purposes with the context. Thereafter, one or more purposes may be grouped based on common or similar requirement defined for collecting personal data. Referring to FIG. 5B, an exemplary illustration of purpose determined for collected personal data by the system 100 of FIG. 1, in accordance with some embodiments of the present disclosure. An interface 520 displayed on the client device 202 may include one or more purposes for collecting personal data. The system 100 determined that the personal data for a digital journey has been collected for the purpose of opening a saving back account, for sending alerts and authentication like (one-time password ‘OTP’), and for marketing and promotions. The interface 520 provides a notice generated an editable structured format with a hierarchy of consent purposes andnested processing purposes. Each purpose section includes editable descriptions and an explicit list of “Personal Information Used” represented as attributes, with the ability to add personal data elements. The system 100 allows the user to construct and refine the digital journey rather than limiting to auditing of the digital journey / offering.

[0079]

[0080] In some embodiments, the system 100 may have a consent or privacy policy document already exists for the current digital offering / journey with the system 100, the system 100 may check compliance of the digital offering against applicable obligations such as discrete compliance gaps such as DPDP Act obligations, breach notification expectations, cross-border transfer consent expectations, data subject rights coverage, language translation gaps, and data minimization alignment. Thus, the system 100 may assess the digital offer in two modes. The system 100 may determine whether the consent, a privacy policy, or a terms and conditions documents previously exist, in the repository 120, for the data fiduciary requesting the assessment of a digital journey via the client device 202. When the system 100 determines a consent or privacy policy document already exists for the current digital offering / journey, the system 100 may operate in a first mode by detecting and analysing an existing notice for legal compliance or non-compliance for the current digital journey. Further, when the system 100 determines that consent or privacy policy document does not exist for the current digital offering / journey, the system 100 may generate a new journey-specific notice.

[0080]

[0081] FIG. 5C is an exemplary illustration of recommendation(s) provided by the system of FIG.1 based on review of reference data privacy policy document(s), in accordance with some embodiments of the present disclosure. In the first mode, compliance gaps, the system 100 may determine inconsistencies, missing disclosures for the digital journey. As illustrated in the FIG. 5C, a bank already has a notice embedded in its onboarding flow. The system 100 validates whether the privacy policy meets data privacy regulation requirements for notice completeness and whether the privacy policy contains risky patterns such as bundled purposes, missing rights, missing retention, missing cross-border disclosures, or missing language coverage. The system 100 provide at interface 530 pending obligations asstructured issues rather than requiring manual legal review of the entire notice. While in the second mode, the system 100 may generate fresh notice, recommendations, or consents.

[0081]

[0082] FIG. 6 is an exemplary flow chart of a method 600 for analyzing the identified PII data field in Fig. 4 with respect to the purpose determined in Fig. 5, in accordance with some embodiments of the present disclosure. The method 600 may be implemented by the notice generation module 114. The notice generation module 114 may receive the one or more purposes along with the purpose groups obtained from the purpose identification module 112 at step 602 and the identified PII obtained from the PII module 110 at step 604. The notice generation module 114 may map the identified PII data field to minor or major purposes for collecting personal data. Minor purposes are specific, granular reasons for data collection. For example, collecting a mobile number for sending an OTP, or collecting an email address for communication. These purposes are tied to individual actions or features within the digital offering. Major purposes are broader categories that group multiple minor purposes under a common theme. For instance, purposes like OTP verification, alerts, and messaging can all be grouped under the major purpose of communication. Similarly, collecting data for identity verification and address verification can be grouped under authentication.

[0082]

[0083] Mapping the identified PII data fields to corresponding purposes ensures compliance with data privacy regulations and maintaining transparency in data processing. This mapping establishes a link between each data field and the specific reason for its collection, enabling verification of lawful processing under applicable regulations, such as the Digital Personal Data Protection Act (DPDP Act) or GDPR. By associating PII data fields with defined purposes, the system 100 may identify unnecessary or excessive data collection, enforce data minimization principles, and generate accurate consent notices to indicate the actual use of personal data. Furthermore, the mapping supports automated compliance checks, facilitates impact assessments, and provides traceability for regulatory audits, thereby reducing risk and enhancing accountability for data fiduciaries and improving compliance accuracy in the assessment of the digital journey / offering.

[0084] The notice generation module 114 may process the one or more purposes at step 606 where the context retriever may provide context data obtained from context database at step 608. The notice generation module 114 may obtain the context data at step 610. The notice generation module 114 may process the PIIs based on the context data to group the PIIs into one or more purposes (minor purpose) at step 612. For example, mobile number and email address are required for two step verification of a user. The notice generation module 114 may use LLM for mapping and grouping the PIIs at step 612. The LLM provides PIIs grouped by each of the minor or major purposes at step 614. For example, a mobile number and an email address may be grouped for the purpose of communication and may also be grouped for the purpose of two step verification of the user.

[0083]

[0085] Further, the notice generation module 114 may implement the steps 612, 614, 618, and 620, similar to the steps 606, 608, 610, respectively. At step 622, the notice generation module 114 may implement LLM to obtain reasons / descriptions for the one or more purposes and the purpose group. At step 626, the notice generation module 114 may generate a notice including a list of PIIs and the purpose for collecting the PII specific to the industry. Referring to FIG. 5B, the system 100 may generate a notice for the personal data collected for the purpose of marketing and promotions. The data fiduciary may obtain consent from the user on the privacy policy before collecting the personal data. The notice generated by the notice generation module 114 at the step 626 indicates whether the personal data collected by the data fiduciary meets the requirements of the data privacy laws. FIG. 13 A is an exemplary illustration of PII data fields detected by the system 100, in accordance with some embodiments of the present disclosure. An interface 1300 an overview of the detected data fields and the associated labels. Further, the data fields are grouped according to purpose. For example, when the purpose is to obtain the personal details, the data fields are related to first name, middle name, last name, identity numbers like Aadhaar number or personal account number. When the purpose is to obtain nominee details, the data fields are nominee name, nominee date of birth.

[0086] FIG. 13B and 13C are exemplary illustrations of adding a PII data field to the PII data fields detected by the system of FIG. 1, in accordance with some embodiments of the present disclosure. An interface 1310 provides an option to select and add data fields identified as PII. Interface 1320 displays an updated list of data fields with addition of Home Address as PII.

[0084]

[0087] FIG. 7 is an exemplary flow chart of a method 700 for determining non-compliance of privacy policy and terms and condition documents with respect to data privacy law(s), in accordance with some embodiments of the present disclosure. The method 700 may be implemented by the dark pattern identification module 116. At step 702, the dark pattern identification module 116 may receive a link (a web link like URL) for obtaining the privacy policy for the digital journey from the system 100. At step 704, the dark pattern identification module 116 may scrape the link to locate the privacy policy. At step 706, the dark pattern identification module 116 may obtain HTML (Hypertext Markup Language) of the privacy policy. At step 708, the dark pattern identification module 116 may parse the HTML. At step 710, the dark pattern identification module 116 may obtain a privacy policy document by parsing the HMTL. At step 712, the dark pattern identification module 116 may process the privacy policy document to segregate into multiple sentences. In some examples, the dark pattern identification module 116 may implement sentence boundary disambiguation (SBD) model for identifying sentences in the privacy policy document at step 712. At step 714, the dark pattern identification module 116 may obtain the privacy policy having text arranged into plurality of sentences. At step 716, the dark pattern identification module 116 may cleanse the sentences of the privacy policy document by removing the special characters. At step 718, each word in the sentences is tokenized by converting each work into a number. At step 720, the tokenized words of each of the sentences are embedded by a BERT (Bidirectional) encoder. At step 722, the dark pattern identification module 116 may perform a binary classification for each sentence. A binary classification may indicate whether the sentence classified as a dark pattern. The sentence classified as dark pattern may be forwarded for further tokenization at step 724. At step 726, tokenized format of the sentence classified asdark pattern may be encoded. At step 728, support vector classification (SVC) may be performed on the encoded sentence. At step 730, based on the SVC, a dark pattern class may predict for the sentence classified as dark pattern. The dark pattern indicates the clauses of a legal document (like a privacy policy, or terms and conditions document) which do not comply with the data privacy laws. For example, the dark pattern may be “We retain your mobile number for marketing purposes even in the case of you closing your account with us.” Referring to FIG.

[0085] 14, 15 A, and 15B, exemplary illustrations of non-compliance sentence(s) detected in the privacy policy of the digital journey by the system 100 are disclosed, in accordance with some embodiments of the present disclosure. Interface 1400 indicates a summary of non-compliance instances detected by the system 100 in the privacy policy document and the terms and conditions document along with the scores. Interfaces 1500 and 1510 provides a notice generated by the system 100 based on the analysis of the privacy policy document and highlighting non-compliance instances and a recommendation based on applicable data privacy regulation.

[0086]

[0088] In some embodiments, the system 100 may have assessment questions for each specific industry and corresponding to the industry specific data privacy regulations. The assessment questions are with respect to collecting and processing of privacy data from the digital offering / joumey and may be with respect to personal data processed, purposes, safeguards, third-party involvement, and risk mitigation. A Data Protection Impact Assessment (DPIA) is a structured process used to identify, evaluate, and mitigate risks associated with the collection, processing, and storage of personal data. It is a key requirement under data privacy regulations, such as the GDPR (General Data Protection Regulation) and India's DPDP Act, whenever data processing activities are likely to pose a high risk to individuals' rights and freedoms.

[0087]

[0089] Based on the assessment of the digital journey and the data collected, the system 100 may automatically populate the response to the assessment questions. Referring to FIG. 8, the system 100 may obtain the relevant information from the repository 120, for example, an artifact table 825, to generate or provide responsesto assessment questions for DPIA. The responses to the assessment questions may indicate level of compliance with the data privacy regulations and may also be used to provide a compliance score to the digital offering / journey.

[0088]

[0090] Convention systems relied on manual questionnaires or static templates for conducting privacy or data protection impact assessments. Such approaches are time-consuming and prone to inaccuracies due to reliance on self-reported information. With present subject matter, the systems and methods automatically generates responses to impact assessment questions using evidence collected from the inspected digital journey / offerings. The responses were based on determined data fields, the purposes, third-party access, cross-border transfers, and implemented safeguards. The system 100 may generate these responses in editable form, allowing review and revisions by the user at the client device 202 to validate or override the content while preserving traceability to underlying evidence. The system 100 may implement Al model like use Large Language Models (LLMs) and Natural Language Processing (NLP) to automatically generate responses to privacy and compliance assessment questions. Instead of relying on manual questionnaires, the Al model interprets each question, retrieves relevant evidence from the inspected digital journey — such as detected data fields, identified purposes, third-party involvement, cross-border transfers, and implemented safeguards — and formulates accurate, context-aware answers. These responses are presented in editable form to allow user validation while maintaining traceability to underlying evidence. Accordingly, the system 100 may automatically populate the DPIA responses based on the artefacts extracted from the inspected journey. This approach ensures that compliance assessments are grounded in actual system behavior, reducing effort, improving accuracy, and enabling dynamic, evidence-driven privacy impact evaluations.

[0089]

[0091] As a result, the present subject matter reduces compliance effort while maintaining accountability and enables data fiduciaries to demonstrate that impact assessments are not theoretical exercises but are grounded in actual system behavior.

[0092] FIG. 8 is an exemplary illustration of an entity relationship diagram 800 for the digital journey analyzed by the system 100, in accordance with some embodiments of the present disclosure. The system 100 stored the details of the digital journey / offering the repository 120. The repository 120 may be configured to have a structured database with one or more tables related to one another based on common data. For example, an organization table 805 have details of organizations (eg. data fiduciaries) registered with system 100 for data privacy compliance detection of one or more digital offerings. A users table 810 has details of users register with the system 100 and belongs to an organization. The user may be a data principal or a data fiduciary operating the client device 202. A journey table 815 includes details of each new journey being analyzed by the system 100. Journey data table 820 includes details of the digital offerings analyzed by the system 100. The Journey data table 820 may have attributes like journey identifier, all the data field labels detected at the client device 202, data field labels identified as collecting PII, mapping of the labels identified as collecting PII with respect to the identified purposes, report / recommendation generated by the system 100 based on the mapping, etc. An artifact table 825 include details of non-compliance instances (e.g. dark patterns). A notice table 830 includes details of notice generated by the system 100 using the notice generation module 114. A comparison master table 835 includes details of organization from the organization table 805 and user from users table 810 for creating a comparison master identifier. A comparison table 840 includes details of the current digital offering and another digital offering user for comparison. A versioning table 845 includes details of different versions of the digital offering analyzed by the system 100. The data fiduciary may modify the digital offering by removing one or more data fields based on the recommendation generated by the system 100 or changes made to the privacy policy document or terms and conditions document by the system 100 or by the user based on the recommendations.

[0090]

[0093] The system 100 communicates with the PII module 110, the purpose identification module 112, the notice generation module 114, the dark pattern identification module 116, and the comparison module 118 over message exchangeservices to detect compliance in collecting and processing of personal data. In the distributed architecture, the modules 110, 112, 114, and 118 may be implemented as individual servers and communicating with the system 100 over the communication network. The servers implementing the modules 110, 112, 114, and 118 may have a hardware architecture similar to the system 100, as described with respect to FIG 1.

[0091]

[0094] Fig. 16 illustrates a method 1600 for data privacy compliance implemented by the system 100 of FIG. 1, in accordance with some embodiments of the present disclosure. At step 1605, information associated with the data fiduciary is received by the system 100. The information comprises a digital offering provided by the data fiduciary, a plurality of labels corresponding to a plurality of data fields associated with the digital offering, at least one reference data privacy policy document associated with the data fiduciary, or any combination thereof. At step 1610, one or more labels of the plurality of labels used for collecting PII are determined by the system 100 based on the at least one predefined criteria. At step 1615, one or more purposes associated with the collection of the PII are determined and compliance of the one or more determined labels with the one or more determined purposes are determined based on the received digital offering, the reference data privacy policy document, the at least one data privacy regulation, or any combination thereof. At step 1620, at least one action is performed by the system 100 based on the determined compliance of the one or more labels.

[0092]

[0095] With the present subject matter, the system and method provide formbased analysis to runtime, evidence-driven inspection of complete digital journeys / offerings. Privacy policy and legal disclosures are now ingested as a centralized, organization-level context and reused consistently across multiple journeys. Third-party identification is derived from observed network behavior, with explicit mapping between scripts, cookies, and accessed personal data fields. Privacy and security impact assessments are automatically populated using evidence collected during journey inspection. Compliance analysis is versionedover time, enabling comparison, regression detection, and continuous compliance monitoring.

[0093]

[0096] The preferred embodiments of the present disclosure have been described in conjunction with the accompanying drawings, it should be understood that the preferred embodiments described herein are only used to illustrate and explain the present disclosure and are not intended to limit the present disclosure. While several examples are described in the description, modifications, adaptations, and other implementations are possible. Accordingly, the following detailed description is not limited by the disclosed examples.

[0094]

[0097] References to "some embodiment", "an embodiment", "at least one embodiment", "one example", "an example", "for example", "another example" and so on, indicate that the embodiment(s) or example(s) so described may include a particular feature, structure, characteristic, property, element, or limitation, butthat not every embodiment or example necessarily includes that particular feature, structure, characteristic, property, element, or limitation. Furthermore, repeated use of the phrase "in some embodiment" does not necessarily refer to the same embodiment.

[0095]

[0098] It will be apparent to those skilled in the art that various modifications and variations can be made to the method and / or system of the present disclosure without departing from the scope of the disclosure. Other embodiments will be apparent to those skilled in the art from consideration of the specification and practice of the method and / or system disclosed herein. It is intended that the specification and examples be considered as exemplary only, with a true scope of the disclosure being indicated by the following claims and their equivalent.

Claims

We Claim:

1. A system for data privacy compliance, the system comprising:one or more processors;a memory storing instructions that, when executed by the one or more processors, cause the one or more processors to:receive, from a client device, information associated with a data fiduciary, the information comprising a digital offering provided by the data fiduciary, a plurality of labels corresponding to a plurality of data fields associated with the digital offering, at least one reference data privacy policy document associated with the data fiduciary, or any combination thereof;determine one or more labels of the plurality of labels used for collecting personally identifiable information (PII) based on at least one predefined criteria;determine, using machine learning, one or more purposes associated with the collection of the PII and a compliance of the one or more determined labels with the one or more determined purposes based on the received digital offering, the reference data privacy policy document, at least one data privacy regulation, or any combination thereof; andperform at least one action based on the determined compliance of the one or more labels.

2. The system as claimed in claim 1, wherein the at least one action includes:associating a flag with a label of the one or more labels;recommending a consent for a label of the one or more labels; recommending removal of a data field from the digital offering corresponding to a label of the one or more labels; orgenerate a user consent corresponding to a label of the one or more labels.

3. The system as claimed in claim 2, wherein the one or more processors are configured to:map the determined one or more labels to the one or more determined purposes; anddetermine for each label of the one or more labels whether collection and processing of PII is in compliance with the data privacy regulation based on the mapping of the one or more labels; and4. The system as claimed in claim 3, wherein the one or more processors are configured to:create one or more groups of the one or more purposes, wherein at least two purposes of the one or more purposes are associated to form a group; map the determined one or more labels to the one or more groups of the one or more purposes; anddetermine for each label of the one or more labels whether collection and processing of PII is in compliance with the data privacy law based on the mapping of the one or more labels to the one or more groups of the one or more purposes.

5. The system as claimed in claim 4, wherein the one or more processors are configured to determine a PII class for each label of the one or more labels and categorize each label from the one or more labels as sensitive data and non-sensitive data based on the determined PII class.

6. The system as claimed in claim 5, wherein the one or more processors are configured to:detect, via the machine learning, one or more non-compliance instances in the at least one reference data privacy policy document based on the at least one data privacy regulation;assign a score to the at least one privacy policy document based on the detected one or more non-compliant instances; andgenerate a recommendation for the one or more non-compliance instances.

7. The system as claimed in claim 6, wherein the one or more processors are configured to:store, in a repository, collated information for the digital offering including the plurality of labels corresponding to the detected data fields, the determined one or more purposes, the detected non-compliant instances, the at least one action, and the compliance score;compare the one or more determined labels of the digital offering with one or more determined labels of another digital offering previously stored in the repository, wherein the digital offering and another digital offering correspond to analogous processes; andidentify a label of the one or more labels as nonessential for the digital offering based on the comparison.

8. The system as claimed in claim 1, wherein the at least one predefined criteria for determining the one or more labels of the plurality of labels used for collecting PII includes string comparison, and wherein the one or more processors determine the one or more labels of the plurality of labels used for collecting PII by:performing string comparison of each label of the plurality of labels with predefined labels indicating PII; anddetermining a label of the plurality of the labels as PII when the label matches with the predefined labels.

9. The system as claimed in claim 1, wherein the one or more processors determine the one or more labels of the plurality of labels used for collecting PII by:removing special characters from each label of the plurality of labels to obtain a cleansed text for each label of the plurality of labels;tokenizing the cleansed text for each label of the plurality of labels into tokens;encoding, using a transformer encoder, the tokens to generate respective embeddings for each label of the plurality of labels; andpredicting, using a Siamese neural network, a PII class for the embeddings.

10. The system as claimed in claim 1, wherein the one or more processors determine, using machine learning, the one or more purposes associated with the collection of the PII by:retrieving data privacy regulations corresponding to the received information associated with a data fiduciary;determine an industry context for the digital offering, the industry context comprises at least one procedure, at least one process, at least one permission, or any combination thereof for PII utilization; andobtain the one or more purposes by evaluating the at least one reference privacy policy document with respect to the determined industry context.

11. The system as claimed in claim 1, wherein the receive information includes information of at least one third-party script tracking the digital offering, and wherein the one or more processors are configured to:determine one or more cookies monitoring the one or more data fields in the digital offering at the client device from the received information; and determine at least one third-party data recipient and location of the at least one third-party recipient based on the network destination present in the at least one third-party script, wherein the at least one action includes providing, to the client device, the number third-party scripts and a list of labels corresponding to the data fields tracked by the at least one third-party script.

12. The system as claimed in claim 1, wherein the one or more processors are decentralized processors.

13. An electronic device for data privacy compliance, comprising:a processor;a memory storing instructions that, when executed by the processor, cause the processor to:determine a plurality of labels corresponding to a plurality of data fields associated with a digital offering;send, to a server, information associated with a data fiduciary, the information comprising a digital offering provided by the data fiduciary, the plurality of labels, at least one reference data privacy policy document associated with the data fiduciary, or any combination thereof; andreceive, from the server, at least one of:recommendation for a consent for a label of the one or more labels;recommendation of removal of a data field from the digital offering corresponding to a label of the one or more labels; and a user consent generated corresponding to a label of the one or more labels.

14. The electronic device as claimed in claim 11, wherein the processor is configured to determine at least one third part script tracking the digital offering, and wherein the information includes information of the at least one third-party script.

15. A method for data privacy compliance, the method comprising:receiving, by one or more processors of a system, information associated with a data fiduciary, the information comprising a digital offering provided by the data fiduciary, a plurality of labels corresponding to aplurality of data fields associated with the digital offering, at least one reference data privacy policy document associated with the data fiduciary, or any combination thereof from a client device;determining, by the one or more processors, one or more labels of the plurality of labels used for collecting personally identifiable information (PII) based on at least one predefined criteria;determining, by the one or more processors via machine learning, one or more purposes associated with the collection of the PII and a compliance of the one or more determined labels with the one or more determined purposes based on the received digital offering, the reference data privacy policy document, at least one data privacy regulation, or any combination thereof; andperforming, by the one or more processors, at least one action based on the determined compliance of the one or more labels.

16. The method as claimed in claim 15, wherein the at least one action includes:associating a flag with a label of the one or more labels;recommending a consent for a label of the one or more labels; recommending removal of a data field from the digital offering corresponding to a label of the one or more labels; orgenerate a user consent corresponding to a label of the one or more labels.

17. The method as claimed in claim 16, wherein the method comprises:mapping the determined one or more labels to the one or more determined purposes; anddetermining for each label of the one or more labels whether collection and processing of PII is in compliance with the data privacy regulation based on the mapping of the one or more labels; and18. The method as claimed in claim 17, wherein the method comprises:creating one or more groups of the one or more purposes, wherein at least two purposes of the one or more purposes are associated to form a group;mapping the determined one or more labels to the one or more groups of the one or more purposes; anddetermining for each label of the one or more labels whether collection and processing of PII is in compliance with the data privacy law based on the mapping of the one or more labels to the one or more groups of the one or more purposes.

19. The method as claimed in claim 18, wherein the method comprises:determine a PII class for each label of the one or more labels and categorizing each label from the one or more labels as sensitive data and nonsensitive data based on the determined PII class.

20. The method as claimed in claim 19, wherein the method comprises:detecting, via the machine learning, one or more non-compliance instances in the at least one reference data privacy policy document based on the at least one data privacy regulation;assigning a score to the at least one privacy policy document based on the detected one or more non-compliant instances; andgenerating a recommendation for the one or more non-compliance instances.

21. The method as claimed in claim 20, wherein the method comprises:storing, in a repository, collated information for the digital offering including the plurality of labels corresponding to the detected data fields, the determined one or more purposes, the detected non-compliant instances, the at least one action, and the compliance score;comparing the one or more determined labels of the digital offering with one or more determined labels of another digital offering previously stored inthe repository, wherein the digital offering and another digital offering correspond to analogous processes; andidentifying a label of the one or more labels as nonessential for the digital offering based on the comparison.

22. The method as claimed in claim 15, wherein the at least one predefined criteria for determining the one or more labels of the plurality of labels used for collecting PII includes string comparison, and wherein determining the one or more labels of the plurality of labels used for collecting PII comprises:performing string comparison of each label of the plurality of labels with predefined labels indicating PII; anddetermining a label of the plurality of the labels as PII when the label matches with the predefined labels.

23. The method as claimed in claim 15, wherein determining the one or more labels of the plurality of labels used for collecting PII comprises:removing special characters from each label of the plurality of labels to obtain a cleansed text for each label of the plurality of labels;tokenizing the cleansed text for each label of the plurality of labels into tokens;encoding, using a transformer encoder, the tokens to generate respective embeddings for each label of the plurality of labels; andpredicting, using a Siamese neural network, a PII class for the embeddings.

24. The method as claimed in claim 15, wherein the determining, using machine learning, the one or more purposes associated with the collection of the PII comprises:retrieving data privacy regulations corresponding to the received information associated with a data fiduciary;determine an industry context for the digital offering, the industry context comprises at least one procedure, at least one process, at least one permission, or any combination thereof for PII utilization; andobtain the one or more purposes by evaluating the at least one reference privacy policy document with respect to the determined industry context.

25. The method as claimed in claim 15, wherein the receive information includes information of at least one third-party script tracking the digital offering, and wherein the method comprises:determining one or more cookies monitoring the one or more data fields in the digital offering at the client device from the received information; and determining at least one third-party data recipient and location of the at least one third-party recipient based on the network destination present in the at least one third-party script, wherein the at least one action includes providing, to the client device, the number third-party scripts and a list of labels corresponding to the data fields tracked by the at least one third-party script.