India’s Data Privacy Rules: What Your Business Needs to Know

India’s Ministry of Electronics and Information Technology finalized the Digital Personal Data Protection Act (DPDP) Rules on November 13, 2025, enabling phased implementation of India’s data privacy regime. The Rules establish consent and notice requirements, create a new “consent manager” role, set breach reporting deadlines, impose security standards, and include parental consent and cross‑border data transfer provisions. Businesses processing Indian personal data must update privacy practices, consider consent management frameworks, and monitor evolving compliance timelines.

Read more