Updated on 14th November 2025, 10:05 AM
Author: Akshat Lakshkar | Whalesbook News Team
India's Digital Personal Data Protection (DPDP) Act has introduced strict new rules for e-commerce, social media, and online gaming companies. Platforms must now delete personal data of users inactive for three consecutive years, with a 48-hour warning before deletion. These regulations apply to companies exceeding user thresholds, such as online gaming with over 50 lakh users and social media/e-commerce with over two crore users in India. Larger platforms designated as 'significant data fiduciaries' face additional annual audits and data protection impact assessments to ensure user rights are protected.
The Indian government has officially notified detailed regulations for the Digital Personal Data Protection (DPDP) Act, marking a significant step in the country's digital privacy landscape. This new framework mandates stringent data-retention policies for major online platforms. E-commerce, social media, and online gaming companies will now be required to delete the personal data of any user who has remained inactive for three consecutive years. Before data deletion, these platforms must provide users with a 48-hour notice. The rules specifically target online gaming companies with over 50 lakh users and social media and e-commerce platforms with more than two crore registered users in India.
Furthermore, platforms identified as 'significant data fiduciaries' – those with over 50 lakh users – face heightened compliance obligations. These include conducting annual audits and Data Protection Impact Assessments to ensure their systems, algorithms, and procedures do not compromise user rights. They must also annually verify the safety and compliance of their technical measures. While the DPDP Act permits cross-border data transfers, the government emphasizes that these must adhere to regularly updated rules, particularly when data is sent to foreign states or entities controlled by foreign governments. These comprehensive measures aim to bolster data governance and enhance user protection across India's rapidly expanding digital ecosystem.
**Impact**: This news will directly affect companies listed on the Indian stock market that operate in the digital space, potentially increasing their operational and compliance costs. Companies will need to invest in robust data management systems and processes. User trust and data security could become significant competitive differentiators. The regulations may also influence investment strategies in the tech and e-commerce sectors. Rating: 7/10.
**Difficult Terms**:

* **Data-retention rules**: Regulations that specify how long companies must keep customer data.
* **Social media intermediaries**: Platforms that facilitate communication and content sharing for users, like Facebook or Twitter.
* **Significant data fiduciaries**: Companies that handle a large volume of personal data and are therefore subject to stricter regulatory requirements.
* **Data Protection Impact Assessment (DPIA)**: A process to identify and minimize data protection risks associated with a project or system.
* **Cross-border transfers**: Moving personal data from one country to another.