Consequences of Non-Compliance with Data Protection Act 2023

Questions and Answers

What is the main purpose of a data protection policy like the one tailored for Amex Pvt Ltd?

• To collect personal data without consent
• To store personal data indefinitely
• To safeguard personal data from unauthorized access or alteration (correct)
• To use personal data for unintended purposes

Who is referred to as the Data Principal in the context of the data protection policy for Amex Pvt Ltd?

• The Data Protection Authority
• The Data Protection Officer
• The Data Disclosure Manager
• Individuals whose data is collected (correct)

What is meant by 'Processing' in the context of personal data?

• Operations on personal data like collection and storage (correct)
• Retaining data indefinitely
• Sharing data without consent
• Disposing of data promptly

According to the policy highlights, when should data be disclosed by Amex Pvt Ltd?

With explicit consent from the data principal (D)

What action should be taken if there is a data breach according to the Amex Pvt Ltd data protection policy?

Promptly report it to the Data Protection Authority and affected data principals (B)

'Data Disposal' in the policy refers to what specific action?

Securely disposing of data that is no longer needed (B)

'Data Rectification' as per the policy allows for what action?

Allowing rectification of inaccurate data upon request (A)

'Data Access' in the context of the policy refers to what?

Providing access to personal data for data principals (D)

'Commitment to training, technical safeguards, audits, and DPDP Act adherence' shows Amex Pvt Ltd's dedication towards:

Regular policy reviews and compliance. (A)

What role does the Appointed Data Protection Officer (DPO) play in Amex Pvt Ltd's compliance with the DPDP Act 2023?

Overseeing compliance with the DPDP Act 2023. (C)