DPDP Act – Section Wise Overview
| Section no | Focus | What it means |
|---|---|---|
| Section 1: Scope | The Scope & Applicability | The DPDP Act section 1 applies to the processing of digital personal data in India, including data collected online or digitized from offline sources. It also applies to companies outside India if they process data of individuals in India. We ensure all digital leads (online or digitized offline) are processed under the Act. |
| Section 2: Rights | The Data Principal (Individual Rights) |
The Act recognizes the individual as the Data Principal and grants legal rights over their personal data.
We ensure that we recognizes the individual as the data principal with rights to access, correct, or erase their data. |
| Section 3: Data Fiduciary | The Data Fiduciary Obligations |
A Data Fiduciary (our company) decides why and how personal data is processed and must ensure:
We must ensure data is processed lawfully for specific, informed and unambiguous. |
| Section 5 & 6 | Consent Framework |
Consent must be:
No consent request is valid unless it issupported by a prior or accompanying notice that clearly explains the data collected, purpose of use, user rights, and complaint process |
| Section 6: Children’s Data Protection | Children’s Data Protection |
For children’s personal data:
|
| Section 8: Data Breach | Data Breach Notification |
If a personal data breach occurs:
|
| Section 11: Data Principal | Data Principal | Under Section 11 of the DPDP Act, individuals have the right to request and receive clear information about whether and how their personal data is being processed and shared. |