What rights of the Data Principal should be explicitly mentioned in the notice?

Viewed 87
email consent

We are planning to send email to data principal to collect consent. Can someone give me sample of information that needs to be displayed in the notice?

Akshay145
2 Answers

As per Chapter 3, Sections 11-14 of DPDPA 2023, An individual whose data is being processed (data principal), will have the right to:
(i) obtain information about processing,
(ii) seek correction and erasure of personal data,
(iii) nominate another person to exercise rights in the event of death or incapacity, and
(iv) grievance redressal.

Bhardwaj Kulkarni 241

This notice is intended to inform you, the Data Principal, of how we, <Company Name/Brand Name> (the Data Fiduciary), intend to process your personal data. Your informed consent is crucial, so please review this notice carefully.

  1. Data Collection
    The following personal data will be collected from you, solely for the purposes mentioned below:
    • Name
    • Email ID
    • Credit card details
    • Address
  2. Purpose of Data Processing
    Each type of collected data will be used for specific purposes:
    • Name and Email ID: To register you as a customer and send updates.
    • Credit Card Details: To process payments for transactions.
    • Address: To facilitate delivery of goods.
  3. Limitation on Data Collection
    Only the minimum necessary personal data required for the stated purposes will be collected.
  4. Use Restrictions
    Personal data provided will not be used for purposes other than those explicitly stated in this notice.
  5. Data Retention
    Personal data will be retained only as long as necessary for the purposes listed, or as required by law:
    • Data related to customer status will be retained only while you remain an active customer.
  6. Consent Withdrawal
    You may withdraw your consent at any time, resulting in the deletion of your data, unless legal obligations necessitate retention. [Withdraw Consent Here (hyperlink)]
  7. Data Principal Rights
    You have rights concerning your personal data, including:
    • Accessing your data
    • Correcting inaccuracies
    • Data portability
    • Requesting erasure or suspension of data
    • Seeking remedies for data processing issues
  8. Grievance Redressal
    If you have concerns or complaints about data processing, you can register a grievance [Here (hyperlink)]. If you do not receive a response within the legal timeframe, recourse is available under the Protection of Privacy in Information Technology Act. [File Complaint (hyperlink)]
  9. Save Notice
    You can download and save a copy of this notice for your records. [Download Here (hyperlink)]
    Data Protection Officer

Sachin281
Related Questions
What rights of the Data Principal should be explicitly mentioned in the notice?
2 answers