Complete Guide 5 min read

Data Privacy Best Practices for Individuals in India

Protect your personal data online. Practical privacy measures for banking, social media, emails, and everyday browsing.

data privacy indiadigital privacy tipsprotect personal dataonline privacy india

Data Privacy in India in 2026

India's Digital Personal Data Protection Act (DPDPA) 2023 is now in effect, providing legal rights over your personal data. Organisations must obtain explicit consent before collecting data, allow withdrawal of consent, and provide data deletion rights.

Understanding your rights is the first step. Practising good privacy hygiene is the second.

Your Data Privacy Rights Under DPDPA 2023

Right to information: Know what data is collected about you and why.

Right to correction: Request correction of inaccurate data.

Right to erasure: Request deletion of data when no longer needed.

Right to grievance redressal: Complain to the organisation or the Data Protection Board.

Right to nominate: Nominate someone to exercise your rights if incapacitated.

Practical Privacy Measures

Passwords and accounts:

  • Unique password for every account (use password manager)
  • Enable 2FA on all important accounts
  • Use a password manager — Lazyblink Password Generator creates strong unique passwords

Email:

  • Create a separate email for newsletter signups and online shopping
  • Use your primary email only for banking, important services, and personal contacts
  • Review and unsubscribe from lists you no longer read

Social media:

  • Review privacy settings annually (platforms change defaults)
  • Limit who can see your posts, phone number, and location
  • Avoid posting documents, tickets, or ID cards — they contain scannable barcodes

Mobile apps:

  • Review app permissions quarterly. Does a photo editor need your contacts? Revoke unnecessary permissions.
  • Delete apps you no longer use — they still collect data in the background

Browsing:

  • Use HTTPS websites (check for padlock in browser)
  • Consider a privacy-focused browser (Firefox, Brave) for everyday browsing
  • Use DNS-over-HTTPS to prevent ISP from seeing which domains you visit

What to Do After a Data Breach

  • Change the compromised account password immediately
  • Change passwords on any other accounts where you reused that password
  • Enable 2FA if not already active
  • Monitor bank accounts and credit score for unusual activity
  • Check haveibeenpwned.com to see if your email appears in known breaches
  • Frequently asked questions

    What is DPDPA and does it protect me?

    The Digital Personal Data Protection Act 2023 is India's comprehensive data privacy law. It gives you rights to know, correct, and delete your personal data held by organisations. It is enforceable through the Data Protection Board of India.

    How can I find out what data companies have about me?

    Under DPDPA 2023, you can submit a data access request to any organisation that processes your data. They are required to respond with details of what data they hold and how it is used.

    Try this tool on Lazyblink

    Put this guide into practice with our free online tool — no signup required.

    Open tool