The new digital personal data protection law, that becomes operational after the passage of supporting rules, mandates ...

Companies must give the inactive user 48 hours' notice before deleting such data, warning them that their data will be ...

The government on Friday notified the rules for the Digital Personal Data Protection (DPDP) Act, formally operationalising ...

The rules, published in the official gazette on November 13, lay down detailed timelines and obligations for companies handling personal data and create enforceable rights for users ...

Rules impose strict timelines and compliance requirements on companies handling personal data, involving user notifications, data retention, and security measures. The rules iterate annual impact ...

Platforms will be required to delete the personal data of any user who has not logged in or used the service for three consecutive years.

The new rules allow for a staggered implementation road map, giving companies, data fiduciaries, data principals, and other ...

The DPDP rules call for the setting up of a Data Protection Board, a key regulatory body. The rules also guide data breach ...

India's Digital Personal Data Protection (DPDP) Act, 2023, was brought into effect on Friday as the ministry of electronics and IT (Meity) notified the rules and set up a four-member board for data ...

While the law itself came into force earlier, the operational rules now specify which provisions take effect immediately, which will apply after one year ...

The Government has operationalised the Digital Personal Data Protection (DPDP) Rules 2025, completing the rollout of India’s ...