Professional Documents
Culture Documents
• professional activities.
The missing detail in Section 43A was finally provided by the Information
Technology (Reasonable security practices and procedures and sensitive
personal data or information) Rules 2011 (“Sensitive Personal Data Rules”)
which were issued in April 2011.
APPLICABILITY OF RULES
These Rules are applicable only to sensitive personal data or
information.
Privacy Policy
Consent for collection of data
Collection of data
Use and Retention
Opt Out/Withdrawal
Access and Review of Information
Grievance Mechanism
Limitation on Disclosure of Information
Limitation on Transfer of Information
Reasonable Security Practices and Procedures
PRIVACY POLICY: RULE 4
handling of or dealing in
Exceptions:
1. when disclosure is agreed upon in the contract;
2. when disclosure is necessary for compliance of a legal obligation;
3. when disclosure to Government agencies mandated under the law
to obtain information.
4. when disclosure to any third party by an order under the law for the
time being in force.
RULE 6
Rule 6 also forbids the following:
1. Publication of sensitive personal data or
information by body corporate or its
representative,
2. Disclosure by third party receiving the
sensitive personal data or information from
the body corporate.
LIMITATION ON TRANSFER OF
INFORMATION
RULE 7
Transfer allowed to:
another body corporate or a person
in India, or located in any other country.