.jpg)
I found a blog post on Vista Infosec that explains the rights and protections offered to Data Principals under the Digital Personal Data Protection Act (DPDP) of 2023 in India 1. The DPDP Act is a landmark legislation that is reshaping the landscape of data privacy in India.
According to the blog post, a Data Principal refers to an individual whose personal data is being discussed. The blog post explains that Data Principals have several rights under the DPDP Act, including:
- Right to Access Information: Under Section 11 (1) (a) of the DPDP Act, Data Principals have the right to request a summary of their personal data that the Data Fiduciary is processing and the manner in which they are doing it. They also have the right to know who else their data has been shared with, and can request any other information related to their personal data and its processing 1.
- Right to Correction and Erasure of Personal Data: As per Section 12 (1) of the DPDP Act, Data Principals have the right to request the Data Fiduciary to correct any data that’s inaccurate or misleading, complete any data that’s incomplete, and update any data that’s outdated 1.
- Right of Grievance Redressal: Section 13 provides Data Principals with accessible grievance redressal mechanisms through Data Fiduciaries or consent managers, ensuring prompt responses within prescribed timeframes 2.
- Right to Nominate: Under Section 14 of the DPDP Act, Data Principals can nominate another person to exercise their rights in the event of death or incapacity 3.
The blog post also mentions that the DPDP Act provides Data Principals with significant rights such as access to information, correction, erasure, and grievance redressal. It also allows them to nominate representatives in the event of incapacity or death 1.
No comments:
Post a Comment