DPDP Act (Digital Personal Data Protection Act 2023)
India's landmark data privacy legislation governing the collection, processing, and storage of personal data, with direct implications for background verification practices.
The Digital Personal Data Protection Act 2023 (DPDP Act) is India's comprehensive data privacy law, enacted in August 2023. It establishes a framework for the lawful processing of personal data of Indian citizens and creates obligations for organisations (termed 'Data Fiduciaries') that collect and process such data.
For HR and background verification, the DPDP Act has several key implications: (1) Mandatory consent before collecting candidate data for BGV; (2) Purpose limitation — data collected for BGV cannot be used for other purposes; (3) Data minimisation — only necessary data can be collected; (4) Storage limitation — data must not be retained beyond the necessary period; (5) Data processor obligations — BGV vendors must be contractually bound as Data Processors; and (6) Candidate rights — to access, correct, and erase their data.
Non-compliance can result in penalties up to ₹250 crore per violation.
Used in:
Start Background Verification Today
Fast, affordable, DPDP-compliant employee screening. Packages from ₹499.
Frequently Asked Questions
Related Terms
Background Verification (BGV)
The process of independently confirming information provided by a job applicant, including identity, education, employment history, and criminal record.
Adverse Action
The formal process an employer must follow when making a negative hiring decision based on background verification findings.
Candidate Consent
The explicit, informed permission obtained from a job applicant before collecting and processing their personal data for background verification purposes.