Chapter 1 of the Digital Personal Data Protection Act 2023 is titled Preliminary
The purpose of this chapter is to provide the basic framework and terminology for the act and to establish the legal basis and boundaries for the processing of personal data in India. The chapter also sets the tone and direction for the rest of the act, which elaborates on the rights and obligations of the data principles and data fiduciaries, the grounds and conditions for the processing of personal data, the exemptions and exceptions to the act, the establishment and functions of the Data Protection Authority of India, the penalties and remedies for the violations of the act, and the transitional and miscellaneous provisions.
Section 1 – Short title and commencement: This section states that the act may be called the Digital Personal Data Protection Act, 2023 and it shall come into force on such date as the Central Government may, by notification in the Official Gazette, appoint.
Section 2 – Definitions: This section defines various terms used in the act, such as personal data, data fiduciary, data principal, data processor, consent, harm, sensitive personal data, critical personal data, significant data fiduciary, and so on.
Section 3 – Application of Act: This section specifies the scope and extent of the act, which applies to the processing of personal data by data fiduciaries or data processors that are located within the territory of India, or that are not present within the territory of India, but process personal data in connection with any business carried on in India, or any systematic activity of offering goods or services to data principals within the territory of India, or in connection with any activity which involves profiling of data principals within the territory of India.