As indicated in previous blogs, we are covering commonly-held misconceptions to provide clarity over what's important to those embarking upon their DPDPA compliance journey. Our particular focus here is on compliance with India’s new Digital Personal Data Protection Act, but it is worth reiterating that the lessons are globally applicable.
In this week's post, we focus on a common misunderstanding that is causing some confusion.
Misconception 6: No consumers, no problem
All people are data principals. So even if you’re a manufacturer or a B2B service provider, you will still have data protection obligations to your employees, your former employees and pensioners, every past and present employment candidate, your counterparties at your suppliers and customers, any visitors whose data you collect and anyone from the wider community with whom you have digital contact. While you don’t have to deal with quite as much of the consent issue because employment processing is a justification in itself for processing, all of the same principles around transparency and data principal rights still apply to you, and you are still accountable as a data fiduciary.
Rather watch as a video? Click below.
-----------------------------------------------------
Read our 10 DPDPA misconceptions series
Interested to read the series in full? Click on the links below.
Misconception 1: data protection is all about breach prevention
Misconception 2: Compliance is just paperwork.
Misconception 3: it’s all about consent
Misconception 4: personal data is PII
Misconception 5: Consumers don’t care about privacy
Setting off on your DPDPA compliance journey?
If you’d like us to help you achieve DPDPA compliance and transform your data from a risk into an asset, you can Contact Us.
If you are looking for more information regarding DPDPA compliance, visit our DPDPA resources page.