How we collect personal information

We will only collect personal information by lawful and fair means. Personal information may be collected directly from you or your authorized representative or may be collected from a third party such as a licensee or representative authorized by us to provide services to you. You may supply your personal information to us in person when using our websites, apps, and digital tools, or communicating with us via social networks and other online channels, e.g. through your Facebook or Twitter identity.
We do not collect personal and sensitive information unless the information is reasonably necessary for our business functions or activities. We will obtain your consent before collecting any sensitive information.
When you deal with us, you will need to identify yourself in order for us to provide our services to you, as such we do not accept the use of pseudonyms.

If you access our websites or apps, we may collect additional personal information about you in the form of your IP address and/or domain name. For more details please see our Website Cookie Policy for further information.

The way in which we use and disclose personal information
We will use or disclose your personal information only for the purposes for which it was collected. We will use or disclose your information for another purpose only if you have consented, or if you would reasonably expect us to do so or as required by law.
We may use your personal information for the purposes of our own direct marketing, however, we will ensure you have the ability to opt out of future such communications.
We use Facebook Custom and Lookalike Audiences to deliver advertisements to Facebook users based on email addresses, phone numbers, and visits to our websites and app. We may use the information we collect from you to display advertisements to our target audience of users.

Disclosure to others
We may disclose your personal information to overseas recipients such as education institutions located outside your home country, overseas visa agencies, IELTS test centers, professional bodies, commercial organizations, or regulatory authorities when you have sought our assistance to apply for study at those institutions or where disclosure is required for verification purposes. As such, the location of these overseas recipients would depend on the specific institutions to which you apply or where such verification is required.

For events or conferences, we may disclose, with your consent, some of the information that is collected via the online registration form such as your name or your email address to sponsors for marketing purposes.

This information is stored and accessed only as required to provide our services to you. Where we transfer data to offshore servers, the data is subject to use restrictions and safeguards against unauthorized access.
The information disclosed to overseas recipients consists of any information you have given us to provide the relevant services. By accepting services from us, you consent to us providing your personal information to the relevant overseas recipient as mentioned above. 

The steps we take to protect and keep secure the personal information we hold
We take reasonable technical and organizational measures to protect the personal information we hold against interference, loss, unauthorized access, use, modification or disclosure, and other misuse.

The steps we take include:

maintenance of computer technology, people, and process-based security measures for example firewalls, network security configurations, encryption, use of passwords, and other appropriate measures where information is held in electronic form;
regular updates to security systems and configurations to protect our systems from malicious activity;
restriction of access to data to only those staff that need access to carry out our business activities;
training and ensuring that all our employees are required, as a condition of employment, to treat personal information held by us as confidential.
However, you should be aware that if you submit information to us electronically the internet is not a secure environment. We take reasonable steps to provide a secure channel for receiving information but cannot absolutely protect personal information before it reaches us.
Retention
When the personal information that we collect is no longer required, we will destroy, delete it in a secure manner, or ensure that the information is de-identified in accordance with our information destruction and de-identification policy unless we are required by law to retain a copy of the personal information or the information is contained in a Commonwealth record.

Your rights
You have the right to seek access to any of your personal information held by us unless there is a valid reason under the Privacy Act or Data Protection Act for us to withhold the information.
Valid reasons include:
We have reason to suspect that unlawful activity or misconduct of a serious nature has been engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter; or
Giving access would reveal evaluative information generated within us in connection with a commercially sensitive process.
If your personal details change, or you believe the information we hold about you is incorrect, incomplete, or out-of-date, please contact us so that we can correct our records.
Right to erasure
At your request, we will remove all the data we have for you which we are not required legally to retain.
Right to restrict processing
You have the right to restrict processing when you have exercised one of the above rights and it may take some time to process that request. For example: when you contact us to update your details you have the right to request restriction until your details are updated.
Right to withdraw consent
For the processing activities where we have asked you for consent, you have the right to withdraw this consent at any point by unsubscribing from a message from us, or by contacting info@immitalks.com

Right to object
You can object to the processing of your personal data.
Right to not be subject to automated decisions and profiling
None of our processing activities are purely automated and no decisions are made without human intervention. There are instances where we process data to analyze or predict behavior but we will ask you for explicit consent when this processing will involve your personal data.
Right to data portability
If you have provided us with your personal data with consent or under the contact obligations, you have the right to request the data you have provided to us in a machine-readable format should you decide to move to another data controller.
Making a request
Requests for access or correction to your personal information or other privacy rights described above should be addressed to The Immi Talks by emailing info@immitalks.com. All requests will be responded to in writing within a reasonable period of time. As part of this process, we will verify the identity of the individual requesting the information prior to providing access or making any changes. If we cannot fulfill your request, we will respond and provide you with an explanation.

Make a complaint if you are unhappy about how we have dealt with or are dealing with your personal information
We have procedures in place to deal with your inquiries or complaints.
If you have any questions about our policy or any complaint regarding the treatment of your privacy by us, please contact info@immitalks.com.
If you feel we have intruded on your privacy or misused your data, you are able to complain.
In Australia Office of the Australian Information Commissioner’s (OAIC) website at www.oaic.gov.au

The contact details for the OAIC are:

Office address:

Email: info@immitalks.com
In the UK
Information Commissioners Office
https://ico.org.uk/concerns/

Updates to this Policy
This version of the policy was published on 14 February 2020. From time to time we may update this privacy policy. We encourage you to take the time to review it any time you provide us with personal information.
We aim for there to be no surprises in our dealings with your personal information. If we make significant changes to the policy and we have your email address, we will send you an email informing you of these changes, how they may impact you, and reminding you of your privacy rights.

Immi Talks will not share your details with others without your permission:

I agree to Immi Talks Terms and privacy policy
Please contact me by phone, email, or SMS to assist with my inquiry
I would like to receive updates and offers from Immi Talks

Privacy Policy

1. Information Collected:
– We collect various types of customer information, including:
– Personal details (e.g., name, address).
– Contact information (e.g., email, phone number).
– Payment data (e.g., credit card information).
– Usage data (e.g., website activity, preferences).

2. Purpose:
– We collect customer information for the following purposes:
– Providing and improving our services.
– Ensuring the security of customer accounts.
– Enhancing the customer experience.

3. Consent:
– We obtain customer consent for data collection and usage through clear and transparent opt-in mechanisms during registration or when necessary.

4. Security Measures:
– We implement robust security measures to protect customer data from unauthorized access or breaches. These measures include encryption, access controls, and regular security assessments.

5. Data Sharing:
– Customer data is not shared with third parties without explicit consent, except when required by law or to provide our services effectively. Any sharing is limited to the purposes stated in this policy.

6. Data Retention:
– Customer data is retained only for as long as necessary to fulfill the purposes for which it was collected. When data is no longer needed, it is securely deleted or anonymized.

7. User Rights:
– Customers have the following rights regarding their data:
– The right to access their information.
– The right to correct inaccuracies.
– The right to request data deletion, subject to legal requirements.

8. Compliance:
– We are committed to complying with all relevant data protection laws and regulations

Data protection safeguards sensitive data against loss, manipulation, and misuse. The Hon’ble Supreme Court of India established the right to privacy as a fundamental right under Article 21 of the Constitution of India as part of the right to life and personal liberty in the case of Justice K.S. Puttaswamy v. Union of India (2017), also called the “privacy judgment.” An aspect of the right to privacy known as “informational privacy” has been acknowledged. The court also observed that information about a person and the right to access that information also require the protection of privacy. There are several proposed bills for data protection and the contributions of the Bureau of Indian Standards on data privacy. The Information Technology Act, 2000 (IT Act) and Indian Contract Act, 1872 are currently the data protection legislation in India because there isn’t any special legislation for this matter yet.
Need for data protection laws
The legislation on data protection explains what must be done to make sure that private data is treated ethically and appropriately.
Data protection laws control the gathering, use, transfer, and disclosure of personal information and the security of that information.
It gives people access to their data, establishes accountability standards for businesses that process it, and includes redressals for improper or harmful processing.
Data protection laws also provide remedies for false profiles and fraud that can also be made using stolen information.
When information falls into the wrong hands, it can jeopardize people’s safety in various ways, including their economic security, physical safety, and personal integrity, so to protect the users from that exploitation, data protection laws are significant.
Need for data protection laws in India
Millions of Indians use hundreds of applications daily, creating data trails that may be misused to create profiles, target advertisements, and forecast activity and trends.
In India, the intersection of the different laws for different fields creates ambiguity and it is one of the primary reasons behind the breach of a large amount of data. There is not yet a single codified law in India that pays close attention to all the aspects of data protection and keeps a record for the penalties that should be imposed.
Countless examples of nonexistent and malfunctioning grievance redressal mechanisms need to be quickly resurrected and reviewed. The enforcement mechanism frequently encounters a number of implementation issues while handling cases related to data breaches and cybersecurity.
Since India is a nation-state, the data of the citizens is considered a national asset. Depending on India’s security and geopolitical objectives, this national asset may need to be protected and stored within national borders. That would include not only the corporates, but also Non- Governmental Organisations and governmental bodies.
Despite India being a member to several international organizations that focus on data protection mechanisms like the United Nations Commission on International Trade and the provisions in Directive Principles of State Policies. Article 38 is related to the overall welfare of citizens. Privacy and data protection are essentially related to a welfare state. It also states in Article 51 that in order to create international peace and security, the State should work to promote adherence to treaty obligations and international law.
The users’ data must be maintained privately and in strict secrecy by any governmental or private institution, organization, or agency. The government can, however, intercept, monitor, and decrypt information generated, transmitted, received, or stored in any computer resource under the exceptions mentioned in Section 69 of the Information Technology Act, 2000.
Section 69
Section 69 of the Information Technology Act, 2000, provides that the government may demand the disclosure of any information in the public interest when it leads to illegal activities that compromise the national security, sovereignty, and integrity of India, the defence, the security of the state, its friendly relations, or public order when there are violations of the law or fraud.
Section 69A
The central government may request that any government agency or intermediary limit public access to any information created, sent, received, stored, or hosted on any computer resource under Section 69A for comparable reasons and grounds (as mentioned above). The term “intermediaries” would additionally mean search engines, online payment and auction sites, online marketplaces, and cyber cafés, and also cover telecom service, network service, Internet service, and web hosting providers. However, such requests for limiting access would have to be supported by written justifications.
Section 69B
The central government, for improving data security and for identifying, analyzing, and preventing invasion or computer contamination in the nation, may, by notification in the Official Gazette, authenticate any institution of the government to supervise and gather traffic data or information generated, transmitted, or received over any computer resource. Section 69B grants the authority to track and acquire traffic data or information.
Information Technology Act, 2000
On October 17, 2000, the Information Technology Act of 2000 was passed. It is the main Indian legislation governing e-commerce and cybercrime issues. The legislation was passed to uplift e-governance, provide legal backing for online transactions, and fight cybercrime. The primary goal of the law is to facilitate legal and reliable digital, computerized, and online operations and lessen or eliminate cybercrimes.
The international organization United Nations Commission On International Trade Law (UNCITRAL) adopted the UNCITRAL Model Law on Electronic commerce (E-commerce) ,1996 to bring legal consistency across several nations and it prompted the Government of India to enact legislation for India based on the guidelines provided in UNCITRAL, which was later revised and approved by the Ministry of Electronics and Information Technology and came to be known as the Information Technology Act of 2000. India became the twelfth nation to modify its cyber laws.

Scope of the Act
The Information Technology Act, 2000 is applicable all over India and also has extraterritorial jurisdiction, which applies to cybercrimes conducted outside India. If an Indian system or network is included, regardless of the offender’s country, it would be dealt with under the Act.

Objectives of the Act
To give legal status to all operations conducted electronically, whether through data interchange, other electronic communication, or e-commerce, as compared to the previous paper-based manner of communication.
To validate digital signatures as legal proof of any information or documents requiring legal verification.
To enable the electronic submission of papers with government departments and agencies.
To make electronic data storage easier in India.
To approve and make it easier for banks and other financial organizations to transfer money electronically.

Salient features of the Act
The salient features of the Act are as follows:
There are 94 Sections in the Act, divided into 13 Chapters and 4 Schedules.
All smart contracts made over secure electronic means are legally validated under it.
The Act keeps the required security precautions in check and a legal framework for digital signatures using cryptosystem was also added.
Electronic records have been authenticated.
There are also provisions for setting up a Cyber Regulations Advisory Committee to advise the Controller and the central government.
The Act permits senior police officers and other officials to enter any public space and make arrests for offenses covered by the Act without a warrant.
Powers of attorney, negotiable instruments, wills, and other similar documents are not subject to the regulations contained in this Act.
Finally, this act outlines the numerous cybercrimes and violations, defines them, and specifies the associated penalties.
The IT Act of 2000 was amended by IT Amendment Act, 2008. As a result, all types of communication tools and computer resources were now included in the scope and ambit of the IT act 2000.
Amendments to the IT Act in 2008
The use of devices and the internet has rapidly increased, which has led to new types of crimes like sending offensive emails and messages, child pornography, cyberterrorism, posting overtly sexual online material, video voyeurism, information leakage by intermediaries, and e-commerce scams like data theft and cheating by false representation, also known as phishing. So, the Information Technology Act of 2000 was needed to incorporate punitive measures. Cybersecurity, data protection, and the adoption of security methods and processes relating to these uses of online means have taken on greater significance due to the rise of digital information services like e-governance, e-commerce, and e-transactions. Furthermore, safeguarding critical information infrastructure is essential for maintaining public health, safety, the economic and national security; as a result, it has become vital to designate such infrastructure as a safeguarded system to prevent illegal access.
Amendments in Definitions
The word “Digital” has been changed to “Electronic” in the definition section, among other notable changes. As indicated above, this modification broadens the scope of the IT Act beyond digital media, making it more technologically neutral as the creation of an electronic signature does not need any particular technological procedure. It would clearly refer to only online transactions even if they were.
A new definition has also been inserted for “intermediary.”
The inclusion of “cell phones, personal digital assistants,” and other similar devices in the definition of “communication devices” defines its clear-cut applicability.
Another crucial addition that will impact the new Data Protection regulations provided under the Information Technology Act, 2008 is the broad definition of “cyber security” which now includes safeguarding data and equipment from unauthorized access, usage, publication, etc.
Major amendments in legislation
Section 66A
Sending offensive information over a communication device through an online device is prohibited by Section 66A of the Information Technology (Amendment) Act, 2008. This includes dangerous and inappropriate messages as well as messages that are misleading or inaccurate but are transmitted with the intent to “cause irritation, discomfort, fear, hindrance, humiliation, harm, criminal intimidation, hostility, hatred, or ill will” even while the sender is aware of their falsity.
Section 67 and 67A
The vast volume of “obscene” content shared online has long gathered attention in India. So it should be no surprise that obscenity is forbidden offline and online in the nation. Section 67 and 67A of the IT Act, which forbids obscene and sexually explicit information, have proven to be crucial measures to control it.
Section 69A
The Central Government may restrict content under Section 69A of the IT (Amendment) Act, 2008, if it deems that any such content threatens the sovereignty, security, integrity, or defense of the state, public order, friendly relations with foreign states, or attempts to incite the commission of a crime related to any of those as mentioned earlier. An independent set of rules called “Information Technology Rules (Blocking of Access of Information by Public Rules), 2009” has been notified for the enforcement of Section 69A, and it is called the Blocking Rules.
Section 77A and 77B
According to Section 77A of the ITA, 2008, all offenses under this Act—aside from those that carry a life sentence or a sentence of more than three years in prison, involve enhanced punishment, negatively impact the socioeconomic standing of the nation, or involve offenses against women or minors under the age of 18—can now be combined into a single offense.
In accordance with Section 77B, regardless of the provisions of the Code of Criminal Procedure, 1973, all offenses with a three-year or longer sentence are cognizable and subject to bail.
Section 79
The intermediaries in India are subject to regulation under Section 79 of the Information Technology Act, 2008. This section gained notoriety primarily due to the notorious IT Rules, or Intermediary Guidelines Rules, created under the power of the central government to make rules under Sections 87(1) and 87(2)(zg).
A “safe harbor” feature in Section 79 of the Act exempts intermediaries from responsibility for the actions of third parties under certain circumstances. This provisional immunity is granted to intermediaries under Section 79(1) of the Act with respect to any information, data, or communication connection made available or hosted by them on behalf of a third party. For Example: If a person or bot puts up any illegal content on Facebook, Facebook by “safe harbor” provision would escape liability by claiming that they had no knowledge about such activities.
Sections 79(2) and 79(3) of the Act apply to these exemptions. Essentially, circumstances, where the intermediary engages in technological, automated, or passive activities, are covered by Section 79(2). In order for Section 79(2) to be applicable, intermediaries must not be aware of or in charge of the data being sent or stored.
Additionally, the “notice and takedown” system envisioned by Section 79(3)(b) mandates that the intermediary remove illegal information as soon as it has actual knowledge of its existence.
The tremendous growth in internet usage has, however, resulted in an uptick in criminality, including child pornography, cyberterrorism, publishing sexually explicit information online, and video voyeurism. So, these provisions were needed to be included in the Information Technology Act, 2000.
Development of data protection legislations in India
The Supreme Court of India has established the right to privacy and data protection as a fundamental right in the case of Justice K.S. Puttaswamy (Retd.) v. Union of India (2017), and the present legislative framework for privacy outlined in the Information Technology Rules, 2011 (IT Rules, 2011) which governs the “collecting, receiving, possessing, storing, dealing, handling, retaining, using, transferring, disclosing sensitive personal data or information, security practices and procedures for handling personal information”. However this provision is considered to be insufficient as it fails to address among other issues, the misuse of data collected from children, breaches of data by corporations outside India and the limited scope of the definition of sensitive data.
It was insufficient on four levels:
First, the existing model assumes that privacy is a statutory right rather than a fundamental one and does not apply to the state’s processing of individual data.
Second, it understood only a few data types that must be shielded.
Third, it imposed few responsibilities on data controllers, which can also be waived by contract.
Fourth, there were few punishments for the violators.
Personal Data Protection Bill, 2018
The Justice Srikrishna Committee, tasked by the Ministry of Electronics and Information Technology (MeitY) with drafting data protection legislation for India, came out with the initial proposal of the legislation, the Personal Data Protection Bill, 2018. The government enacted this plan and presented it in Lok Sabha, but it was sent for further modification for the following reasons:
The new provision on data localisation may be the part that generated the greatest public controversy. The law mandates that data fiduciaries keep “at least one serving copy” of customer information on an Indian server or data center. The only rationale for such a rule is to make it simple for law enforcement to get this information.
This brings up the bill’s second issue: it permits the processing of personal data in the interests of state security if permitted and in accordance with legal procedure. It also allowed for the processing of personal data for the detection, investigation, and prosecution of any crime or other legal infraction. Given India’s inadequate laws prohibiting state monitoring, the state’s access to all personal data presents a serious danger to the right to privacy.
Last but not least, the draft law established a regulatory framework that was not independent enough: the regulatory system was heavily under the influence of the central government and was susceptible to being captured by businesses. On the proposal of an independent commission, the proposed legislation granted the central government the right to nominate members of the data protection authority. Five years were a very little period for a new institution to learn the ropes and obtain the independence it needs to function as an efficient regulator, yet that is how long the appointment could last.
Personal Data Protection Bill, 2019
This was followed by the Personal Data Protection Bill, 2019, which was later withdrawn amid promises of a replacement measure that would adhere to India’s extensive legal system, keeping in mind the other 81 suggested modifications by the Joint Parliament Committee.
Data Protection Bill, 2021
The Data Protection Bill, 2021, was a single law put out by the committee that would cover both personal and non-personal datasets. The report’s recommendation to move toward total localization of data was under question. A data protection authority had also been suggested in the withdrawn bill. As it develops the framework for the cross-border transfer, accountability of entities processing data, and potential remedies for unauthorized and harmful processing, it had also recommended explicitly stating the flow and usage of personal data as well as defending the rights of individuals for whom the personal data are processed.
Digital Personal Data Protection Bill (DPDP Bill, 2022)
Every digital processing of private information is now subject to the Digital Personal Data Protection Bill (DPDP Bill, 2022). This would cover both personally identifiable information gathered online and offline that has been converted to digital form for handling. This bill will affect the legal safeguards offered to customers of Indian start-ups doing business abroad, affecting their competitiveness. This viewpoint is further supported by the bill, which exempts the majority of its safeguards from applying to data fiduciaries in India who process personal data belonging to citizens of India. This draft is expected to be presented to the parliament for clearance in the upcoming session of the parliament in 2023.
Fine
Digital Personal Data Protection Bill 2022, which was released, to up to Rs 500 crore. The previous laws were limited to a maximum fine amount of Rs 250 crore. The government increased the fine amount for breaking the rules outlined in the new DPDP bill to make sure that the offenders comply strictly with the laws.
Rights
Right to be forgotten
Prior to this, the Union Government’s adjudicating officer had to authorize a request to be forgotten before the right could be used. The right to be forgotten for processing, which was previously restricted to disclosure, has been expanded according to the recommendations made in the Data Protection Bill, 2021.
Right to access data
According to the Srikrishna Report, a data fiduciary could enforce the substantive duties of a data fiduciary by exercising rights to confirmation and access. The PDP Bill incorporated the 2018 bill’s requirements while also granting the data principal the right to access all of the data fiduciaries with whom their personal data had been shared in one location. In accordance with the Data Protection Bill, 2021, the data subject has the option to choose a legal heir or legal representative as their nominee, who will be able to exercise their rights to confirmation and access as well as their right to be forgotten in the case of their passing.

Consent
Most data protection laws designate specific types of personal data as “sensitive personal data ” due to the higher risk of harm that may be caused by its unauthorized processing like biometric information, health information, genetic information, etc. So, clear consent will be required before processing, and data protection impact assessments are required, giving this personal data a higher level of safety as per the DPDP bill 2022. In PDP Bill, 2019, consent was made a significant part of the Act, and it even mentioned the provision for withdrawal. And before that in 2018 the JPC suggested a change in the consent as it had to be explicitly taken.

Regulation of Non-Personal Data

The DPDP Bill 2022 lays down the provision of laying down rules every year for the processing of non-personal data, whereas the PDP Bill, 2019 permits the central government to ask any data fiduciary to give the record for non-personal data. And the prior, PDP Bill, 2018 made no mention of this provision at all.
Bureau of Indian Standards on data privacy
A separate organization that regulates data, the Bureau of Indian Standards (“BIS”), has released new standards for data privacy assurance, namely the IS 17428. BIS was established as a national standards authority. It is designed to give enterprises a privacy assurance foundation to set up, carry out, keep up with, and constantly enhance their data privacy management system. It is an accreditation that companies may use to reassure their clients and staff about their privacy policies. It can also be strategically employed to set a company apart from its rivals in the market to control standardization, conformity evaluation, and quality control of both goods and services in India.
The Bureau of Indian Standards has published two Indian Standards, which are IS 17428- Data Privacy Assurance [Part 1] Engineering and Management Requirements and IS 17428- Data Privacy Assurance [Part 2] Engineering and Management Guidelines.
IS 17428: Data Privacy Assurance [Part 1] Engineering and Management Requirements

This part talks about the requirements of any organization. For an organization to properly define its role and obligations, the IS Requirements give fundamental definitions of “data controller,” “data processor,” “personal information,” “sensitive personal information, processing, consent,” etc., so that institutions can comply with them accordingly.

IS 17428: Data Privacy Assurance [Part 2] Engineering and Management Guidelines
It gives specific, suggesting approaches that help in carrying out these standards. It provides fundamental standards for technical design and information management and is lawful. The IS Guidelines offer in-depth advice on the methods and best practices to follow in order to comply with the IS requirements. The IS Guidelines additionally outline important facets to take into account for network infrastructure security and privacy.

Features of the new standards for data privacy
During the development life cycle of any product, service, or solution, the business must consider specific technical and design criteria.
The organization’s privacy needs to consider the relevant jurisdiction, like verifying and testing the relevant data privacy control before and during development.
Additionally, the company must set up certain privacy management procedures.
Duties like- the types of personal data and outsourcing regulations; the types of private information and leasing regulations; describing its organizational structure, roles, and procedures for responsibility, communication, and governance;
A list of such material and its flow- impose privacy regulations, determine the data retention duration and keep records of documentation and logs, create a technique for privacy effect assessments, create a grievance redressal framework that identifies the grievance officer, make their information public, and establishes processes for submitting and escalating complaints.
Improve the knowledge of the organization’s personnel who handle personal information.
Why India needs a new codified data protection law
India has seen huge technological advancements and is at par with other countries, but it lags with definite and stringent laws which address all the recent changes in the way our data is handled. Over the last two decades, countries like the USA, China and many more have adopted new laws for data protection. India currently lags in uniform legislation. The times require India to adopt new laws so that it can walk hand in hand with other countries.

The current Information Technology Act, 2000 is moderately handling India’s data protection issues, yet it is not very strict as it falls short in implementing the provisions properly. Data Protection with strict implementation is currently a requirement of India.
Spamming is also an issue that has recently taken prevalence where a user receives a large number of the same messages, repeatedly and clutters their inboxes. The USA and several European countries have laws punishing the sender of these spasms but India has no mention of it. Laws addressing recently arising problems are the need of the hour.
Online transactions also need to be addressed specifically, as it is currently being regulated by RBI norms, which should be addressed by relevant laws, which necessitates new laws on data protection in India even more.
Technology is outdated even before it is introduced, and it stands corrected in the situation India is in right now. There are several provisions like online banking, publication rules, cyber defamation, cyber terrorism, cryptocurrency and NFTs that are in dire need of being addressed by proper legislation so that issues related to them can be resolved.

9. Contact Information:
– For privacy-related concerns or requests, customers can contact us at +91-6005549183 or info@immitalks.com