Every significant data fiduciary shall appoint a data protection officer possessing such qualification and experience as may be specified by regulations for carrying out the following functions
(a) providing information and advice to the data fiduciary on matters relating to fulfilling its obligations under this Act;
(b) monitoring personal data processing activities of the data fiduciary to ensure that such processing does not violate the provisions of this Act;
(c) providing advice to the data fiduciary on carrying out the data protection impact assessments, and carry out its review under sub-section (4) of section 27;
(d) providing advice to the data fiduciary on the development of internal mechanisms to satisfy the principles specified under section 22;
(e) providing assistance to and co-operating with the Authority on matters of compliance of the data fiduciary with the provisions under this Act;
(f) act as the point of contact for the data principal for the purpose of grievances redressal under section 32; and
(g) maintaining an inventory of records to be maintained by the data fiduciary under section 28.
Nothing contained in sub-section (1) shall prevent the data fiduciary from assigning any other function to the data protection officer, which it may consider necessary.
The data protection officer appointed under sub-section (1) shall be based in India and shall represent the data fiduciary under this Act.
- Section 30 is not applicable to "small entity" (Ref:Section 39(1))
The contents of the website is provided "as is", without warranty of any kind, express or Implied, including but not limited to the warranties of merchantability, Fitness for a particular purpose and noninfringement. In no event shall the Authors or copyright holders or sponsorers be liable for any claim, damages or other Liability, whether in an action of contract, tort or otherwise, arising from, Out of or in connection with the website or the use or other dealings in the website.