Page 40 - BANKING FINANCE November 2018
P. 40

A

              li a ili                                                            e   ion  or S ar  u

            he dra t la  seeks to regulate   kinds o  data collected  rocessed stored       a  start u   engages  in   anual
           disclosed    an   erson or entit  i e                                 rocessing  o   data   as  o  osed  to
                e sona  data   hich identi ies details o  a  erson such as their na e   auto ated  eans  and does not
               contact address   hone nu  er  e ail address etc  and
                                                                                i    a e a turno er o   ore than   R
                 ens t  e  e sona  data  including  ass ords   inancial data  health data      lakhs in the  receding  inancial
                io etric data etc                                                    ear  and

                                                                                ii   Collect   ersonal  data   or  the
               li a ili   o    e       ro e  in        Da a  rin i al
                                                                                     ur ose  o   disclosure  to  third
            Dra    aw                  n         er     o a e     o a e
                                                                                     arties  and
                                       n ia     ea     in  n ia    er ea
                                                                                iii   rocess   ersonal  data  o    ore
            Data           ocated
                                                                                    than     indi iduals in a gi en da
             iduciar      in  ndia
                                                                                    in the  receding     onths
             rocessor      ocated
                          o erseas
                                                                                 hen  certain  co  liance  such  as
                                                                                 ro ision  o   notice   storage  o
               i  in connection  ith an   usiness carried on in  ndia  or an  s ste atic
                                                                                li itation  certain trans arenc  and
               acti it  o  o  ering goods or ser ices to data  rinci les  ithin  ndia  or in
                                                                                accounta ilit   easures etc   should
               connection  ith an  acti it   hich in ol es  ro iling o  data  rinci les  ithin
                                                                                not a  l
                ndia
               nless s eci icall  e e  ted  such as in the case o  outsourcing contracts   o e e  tion a aila le to  uto ated
                                                                                 rocessing o  data
             a  i  Si ni i an  Da a  i u iar

              an  entit   rocesses                                              Da a S ora e
           i    arge  olu es o   ersonal data                                    s a general rule  a co   o  all  ersonal
           ii    er  Sensiti e  ersonal data                                    data and sensiti e  ersonal data should
                                                                                 e stored on a ser er or a data centre
           iii   as a high turno er
                                                                                in  ndia
           i   Data that has a risk o  har  to the user
                                                                                  his rule  rings additional cost o  data
                ses  ne  technologies   or  rocessing
                                                                                storage  and  trans er  to  those   ho
              the entit  is classi ied as  signi icant data  iduciar   then the  ha e to co  l   ha e their data outside  ndia
            ith additional re uire ents such as data  rotection  i  act assess ents
           record kee ing  data audits and a  ointing data  rotection o  icer to ensure   n addition to this consent is re uired
           co  liance                                                            or data trans er to outside  ndia  ia
                                                                                i   Certain  ro isions  hich  ould  e
              ainin  Con en   ro  Da a  rin i al   Mo   Cri i al                     re a  ro ed      the  data
                                                                                     rotection authorit
            n one  ho does collection   rocessing  storage  disclosure o   ersonal or
           sensiti e  ersonal data o  a user  Data  rinci al  is re uired to take consent and  ii    o ern ent a  ro es the location
           na ed as Data  iduciar     ne  ho  rocesses such data is Data  rocessor   or organi ation  or the trans er
                                                                                iii     the data  rotection authorit
           Consent o tained should  ention the  ur ose o  collection and  ould need to
                                                                                    s eci icall   a  ro es  such  a
            ention nu erous as ects and  hich is  ost critical   n or ation re uired to
                                                                                    trans er due to necessit
            e  ro ided    the Data  iduciar  to the Data  rinci le in the notice are
            entioned in Section   o  the dra t la                                 art  ro  the a o e the la  talks


              0 | 2018 | NOVEMBER                                                           | B N  N    N N E
   35   36   37   38   39   40   41   42   43   44   45