Section 10: Additional Obligations of Significant Data Fiduciary

Chapter: Obligations of Data Fiduciary

Maximum Penalty: Up to ₹150 Crore

Overview

SDFs must appoint a DPO in India, engage auditor, conduct DPIAs. This section falls under the "Obligations of Data Fiduciary" chapter of the Digital Personal Data Protection Act 2023, which was enacted to establish a comprehensive framework for data protection in India.

Key Points of Section 10

• Significant Data Fiduciaries must appoint a Data Protection Officer based in India
• Must conduct periodic Data Protection Impact Assessments
• Must undergo independent data audits and publish compliance reports

Who This Applies To

Organizations designated as Significant Data Fiduciaries by the Central Government

Compliance Action Steps

1. Appoint a qualified Data Protection Officer in India
2. Schedule and conduct Data Protection Impact Assessments
3. Engage independent auditors for compliance verification

How Complynz Helps

Complynz automates compliance with Section 10 through AI-powered assessments, policy templates, and continuous monitoring. Our platform maps each DPDP provision to actionable controls so your team can achieve and maintain compliance efficiently.

Take Free DPDP Assessment | DPDP Compliance Checklist | View Pricing

Back to Complete DPDP Guide