New Delhi, Jan 4 (IANS) Data fiduciaries such as e-commerce, online gaming and social media platforms will have to erase personal data of a user three years after it is no longer required, according to the draft rules of the Digital Personal Data Protection (DPDP) Act.
The draft rules apply to e-commerce entities having not less than 2 crore registered users in India, online gaming intermediary having not less than 50 lakh registered users in India and social media intermediary having not less than 2 crore registered users in the country. These provisions pertain to Section 8 of the draft rules.
These data fiduciaries have to notify users at least 48 hours before erasing their data, allowing them to request for retaining the data if they wish to, like their profiles, email addresses and phone numbers, to access money, goods or services.
“At least forty-eight hours before completion of the time period for erasure of personal data under this rule, the Data Fiduciary shall inform the Data Principal that such personal data shall be erased upon completion of such period, unless she logs into her user account or otherwise initiates contact with the Data Fiduciary for the performance of the specified purpose or exercises her rights in relation to the processing of such personal data,” according to draft rules.
A data fiduciary will protect personal data in its possession or under its control, including in respect of any processing undertaken by it or on its behalf by a data processor, by taking reasonable security safeguards to prevent personal data breach.
“On becoming aware of any personal data breach, the Data Fiduciary shall, to the best of its knowledge, intimate to each affected Data Principal, in a concise, clear and plain manner and without delay, through her user account or any mode of communication registered by her with the Data Fiduciary,” the draft rules read.
They need to inform users about the description of the data breach, including its nature, extent and the timing and location of its occurrence, the consequences relevant to her, that are likely to arise from the breach, the measures implemented and being implemented by the Data Fiduciary, if any, to mitigate risk, the safety measures that she may take to protect her interests; and business contact information of a person who is able to respond on behalf of the Data Fiduciary, to queries, if any, of the Data Principal.
The DPDP Act was passed in Parliament in August 2023 and the government is seeking feedback on the draft rules through the MyGov portal till February 18, 2025.
—IANS
na/
Disclaimer
The information contained in this website is for general information purposes only. The information is provided by TodayIndia.news and while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.
In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website.
Through this website you are able to link to other websites which are not under the control of TodayIndia.news We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.
Every effort is made to keep the website up and running smoothly. However, TodayIndia.news takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.
For any legal details or query please visit original source link given with news or click on Go to Source.
Our translation service aims to offer the most accurate translation possible and we rarely experience any issues with news post. However, as the translation is carried out by third part tool there is a possibility for error to cause the occasional inaccuracy. We therefore require you to accept this disclaimer before confirming any translation news with us.
If you are not willing to accept this disclaimer then we recommend reading news post in its original language.
