🇮🇳IndiaActive
GDPR compliance in India
The GDPR applies to any organization processing personal data of EU residents, regardless of where the organization is based.
Enforcement authority
National Data Protection Authority
Maximum sanctions
Up to 4% of global annual turnover or EUR 20 million, whichever is greater.
Obligations
Key obligations
What GDPR requires from organizations operating in India.
Appoint a Data Protection Officer (DPO) where required
Maintain records of processing activities (ROPA)
Conduct Data Protection Impact Assessments (DPIA)
Implement data breach notification within 72 hours
Ensure lawful basis for all data processing
Local context
Local context in India
Enforcement varies by member state. Some DPAs are more active than others.
Frequently asked questions
How does GDPR apply in India?
The GDPR applies to any organization processing personal data of EU residents, regardless of where the organization is based.
Who enforces GDPR in India?
National Data Protection Authority
What are the penalties for GDPR non-compliance?
Up to 4% of global annual turnover or EUR 20 million, whichever is greater.
GDPR in other jurisdictions
Check your GDPR compliance now
See your risk score and applicable obligations in action.