Rule 1. Short Title & Commencement

Rule 2. Definitions

Rule 3: Notice given by Data Fiduciary to Data Principal

Rule 4: Registration and Obligations of Consent Manager

Rule 5: Processing of personal data for provision or issue of subsidy, benefit, service, certificate, license or permit by State and its instrumentalities

Rule 6: Reasonable Security Safeguards

Rule 7: Intimation of personal data breach

Rule 8: Time period for specified purpose to be deemed as no longer being served

Rule 9: Contact information of person to answer questions about processing

Rule 10: Verifiable consent for processing of personal data of child

Rule 11: Verifiable consent for processing of personal data of person with disability who has lawful guardian

Rule 12: Exemptions from certain obligations applicable to processing of personal data of child

Rule 13: Additional Obligations of Significant Data Fiduciary

Rule 14: Rights of Data Principals

Rule 15: Transfer of personal data outside the territory of India

Rule 16: Exemption from Act for research, archiving or statistical purposes

Rule 17: Appointment of Chairperson and other Members

Rule 18: Salary, allowances and other terms and conditions of service of Chairperson and other Members

Rule 19: Procedure for meetings of Board and authentication of its orders, directions and instruments

Rule 20: Functioning of Board as digital office

Rule 21: Terms and Conditions of appointment and service of officers and employees of Board

Rule 22: Appeal to Appellate Tribunal

Rule 23: Calling for Information from Data Fiduciary or Intermediary