Title
Create new category
Edit page index title
Edit category
Edit link
Consent Data Categories
Introduction
Consent Data Categories define the specific types of personal data or personally identifiable information(PII) for which consent is being collected from the Data Principal. They help clearly identify the scope of data processing authorized by the user, ensuring transparency, purpose limitation, and regulatory compliance under the Digital Personal Data Protection Act (DPDPA), 2023. Examples may include identity information, contact details, financial data, employment records, educational information, location data, or verification documents depending on the business use case and processing purpose.
How Attestr Classifies Data Categories
Based on the services offered and the corresponding data inputs and outputs, personal information is organized into structured data categories and data types to enable standardized consent management and processing.
Data Category
A Data Category represents a logical grouping of related personal data types associated with a Data Principal.
Data Type
A Data Type refers to an individual piece of personal information within a category, such as name, mobile number, PAN, address, or bank account number.
Attestr supports the following data categories and nested data types. We'll keep updating the list as support for more data types and products are added. We recommend using the Get Data Categories API described below for the most recent published list for each of our product and for API integration purposes.
| Data Category | Included Data Types (PII) |
|---|---|
| personal_information | name, dob, gender, address, guardian_name, mother_name, father_name, spouse_name, marital_status, religion, nationality, social_category, specially_abled, other |
| identity | aadhaar, voter_id, drivers_license, passport, pan, ckyc_id, icai_id, central_gov_id, state_gov_id, job_id, student_id, uan, epfo_member_id, din, other |
| asset_identity | property_registration, vehicle_registration, other |
| business_identity | business_name, business_registration_number, business_taxid, director_id, other |
| contact | phone, email, social_media_handle, other |
| financial | bank_account, ifsc, credit_card, debit_card, upi_id, wallet_id, tax_info, income_details, revenues, itr_details, insurance_details, charge_details, other |
| health | medical_history, current_medication, allergies, disabilities, mental_health, health_insurance, other |
| education | course_name, course_code, course_degree, course_grade, course_duration, institute_name, institute_address, institute_certificate, marksheet, other |
| employment | employer_name, employee_id, job_title, salary_details, work_experience, work_documents, work_duration, reference_details, other |
| biometric | fingerprint, iris_scan, facial_recognition, voice_sample, handwritten_signature, electronic_signature, photo, video, other |
| location | address, gps_data, ip_address, cell_tower_data, other |
| legal | court_records, legal_cases, compliance_documents, other |
| usage | browsing_history, purchase_history, app_usage, other |
| derived | risk_score, predictions, reputation_score, other |
Get Data Categories API
Request
| Type | URL | Version |
|---|---|---|
| POST | https://api.attestr.com/api/{version/public/consent/data-categories | Use "v3" for DPDA compliant version |
Request Body Parameters
| Type | Name | Description | Optional (default) | Min Version | Max Version |
|---|---|---|---|---|---|
| String | type | Provide the type. Allowed values are - kyc_verification background_verification | Required | v3 | |
| Array<Service Object> | services | List of services for which data categories are required to be fetched. Refer Service object definition below. | Required | v3 |
Service Object Definition
| Type | Name | Description | Optional (default) | Min Version | Max Version |
|---|---|---|---|---|---|
| String | service | Provide the Service code. Attestr assigns a unique service code to each product and service it offers. For example, the service code for Bank Account Verification is BANK_ACC. Please refer to the relevant product documentation to identify the correct service code for the service you intend to use. | Required | v3 | |
| Object | options | Reserved for future use. Used for specifying service specific options which helps to decide the associated data categories. | Optional | v3 |
Request Header Parameters
| Type | Name | Value / Description | Optional | Min Version | Max Version |
|---|---|---|---|---|---|
| String | Content-Type | application/json | Required | v3 | |
| String | Authorization | Basic {authToken} | Required | v3 |
If you do not have the authentication token, please refer to Register App to generate one.
Sample Request Payload
xxxxxxxxxx{ "type": "kyc_verification", "services": [{ "service": "BANK_ACC" }, { "service": "UDYAMX" }]}Response
Http Status 200
API returns an array of objects. Each object includes one data category and list of associated data types. The object definition is as below.
| Key | Description | Type | Min Version | Max Version |
|---|---|---|---|---|
| category | Data category for the provided service | String | v3 | |
| values | Associated data types as mapped to the provided service | Array<String> | v3 |
Sample Response
Sample response for valid input
xxxxxxxxxx[ { "category": "financial", "values": [ "bank_account", "ifsc" ] }, { "category": "personal_information", "values": [ "name", "gender", "social_category" ] }, { "category": "business_identity", "values": [ "business_registration_number", "business_name" ] }]Error Response
| Parameter | Type | Description |
|---|---|---|
| code | Number | Unique error codes for different errors. Always available. |
| httpStatusCode | String | Standard HTTP status code for the error |
| message | String | Error message describing the error. Always Available. |
| details | String | Detail error message. Available only for certain types of errors. |
Error Codes
| HTTP Status | Error Code | Error Message |
|---|---|---|
| 400 | 4001 | Malformed data or missing required parameter values |
| 400 | 4005 | Operation could not be performed due to low credits balance |
| 401 | 4016 | Invalid client authorization |
| 403 | 4031 | Unauthorized access |
| 403 | 4035 | Requested service is not provisioned for your account |
| 403 | 4039 | Client's IP address is not whitelisted |
| 403 | 4035 | Requested service is not provisioned for your account |
| 429 | 4291 | Maximum account rate limit exceeded |
| 429 | 4292 | Maximum API rate limit exceeded |
| 429 | 4293 | Maximum account daily limit exceeded |
| 429 | 4294 | Maximum API daily limit exceeded |
| 500 | 5001 | Request could not be processed |
Sample Error Response
xxxxxxxxxx{ "httpStatusCode": 400, "code": 4001, "message": "Malformed data or missing required parameter values", "appError": true}Copyright © Attestr