DPDP Consultants Privacyium Tech Pvt. Ltd. 4th floor, GM IT Park, Plot no 32-33, Sector 142, Noida, Uttar Pradesh 201305
Our Locations
Copyright 2024 © DPDP Consultants, A Privacyium Tech Pvt. Ltd. Company
Pursuant to section 4(1) of the DPDP Act 23, every business needs to ensure that they have a proper legal basis to process personal data. Consent is the primary legal basis lying at the core of any lawful data processing 1(1a)
DPGR allows data principal to raise their rights through a user-friendly platform and allows requests to be accessed by the Data Protection Officers/concerned persons manually or in an automated way.
Consider yourself non-compliant if your employees are unaware of compliance, even though your systems are fully compliant. Every unaware employee is a potential source of accidental data breaches. Data Protection Awareness Program (DPAP) offers meticulously
DPDP Compliance is not just a one-time compliance; organisations must remain compliant throughout their business life. This is especially true for organisations (a.k.a significant data fiduciaries) where
DPDP Act 2023 mandates organisations to process personal data in accordance with specified provisions of the Act. Organisations must rely on prescribed grounds for processing personal data and should only process data for lawful purposes. Organisations need to process personal data based on valid consent or as per stated legitimate uses; furthermore, organisations are required to address data principal rights and grievances in a timely manner, conduct periodic data protection impact assessment (DPIA) and audits, ensure data protection agreements are executed with data processors and awareness programs and assessments are conducted.
Under the DPDP Act, businesses in India are restricted from contacting Indian data principals without a proper legal basis and lawful purpose. Common communication methods used by businesses in India, such as email or phone calls, need to align with the DPDP framework. Failure to do so can result in penalties from the Data Protection Board, even if a business is in the process of DPDP compliance.