September 21, 2023

Data Protection Laws and Privacy Policy

Society has evolved with digitization. With the changing digital population in India, every microsecond online services and companies are revised. Technology, combined with sizable online information mines, has overpowered the boundaries of the standard business industries. The industry is changing every day as an ecosystem- health care, fitness, music, and fashion, e-commerce, travel, finance, software solutions, the arts, films, etc. The values of these industries’ businesses are no longer restricted to the selling and purchase of vanilla or a single model of service. 

Data protection and privacy laws throughout the world need that you have a privacy policy on your site, and that is available via a mobile app when you receive personal information from visitors to your website.

What Is Privacy Policy? 

It is a legal agreement that describes what personal data you gather from website visitors, how you can use this information, how you manage it, and whether you have enough means and strategy to safeguard data.

The privacy policy is not only a formal requirement but a statutory one. Each intermediary needs to make sure the publication of a privacy policy as per Information Technology (Intermediaries guidelines) Rules, 2011. Under the Information Technology Act, 2000, almost any modern website, including blogs, e-commerce websites, and the social media network, will be defined as an intermediary, letting users create content and communicate with one another.

Data Protection Laws in India

Data Protection is defined as the set of privacy laws, policies, and processes that aim to decrease intrusion into one’s privacy caused by the collection, storage, and broadcast of personal data. Personal data usually refers to the information or data which is related to a person who can be identified from that information or data whether gathered by any Government or any private organization or an agency.

Data security relates to the collection, storage, and broadcast of personal information in a set of privacy policies, processes, and laws that mitigate intrusion into one’s privacy. Personal data generally is related to data and information related to a person who may be easily identified with the given information by any entity, government, or private.

The government alerted the Information Technology Rules, 2011. The Rules which are discussed upon the prevention of “sensitive personal or personal information of a person,” involving personal information consisting of – 

– Email IDs and Associated Passwords

– Banking and Financial information

– Credit/debit card number, Bank account number, or other payment instrument details;

– Health condition – Physical, physiological, and otherwise. 

– Person’s sexual orientation;

– History of medical records and history;

– Biometric information.

The rules build the appropriate security practices and processes to be followed when dealing with “personally sensitive information” by the body to incorporate or anyone who collects, receives, owns, stores, distributes, or handles information. In the case of any disruption, the corporate entity or any other individual acting by the virtue of the company may be held responsible for harm to the affected person.


Due to the increasing growth of the digital population in India, data privacy and data security are currently important questions. When browsing the Internet every internet user forgets his digital footprints in the form of personal data. This could range from giving their IP address, mobile number, name, or private and sensitive details such as their sexual orientation and medical records, etc. intentionally or unintentionally. It makes internet users exposed to crimes such as privacy violations, identity robbery, and financial crimes.

The main issue today is the development of a privacy policy that balances Internet users’ privacy with the increasing needs of businesses. Terms of use and privacy policy must be seen as an art form rather than a long-form, i.e., a document carefully drafted to the requirements of businesses and the general principles of law.


Leave a Reply

Your email address will not be published. Required fields are marked *