Skip to main content

Q1 - What happens if a company ignores a Data Principal’s request for erasure or correction?

Answer
  • The Data Fiduciary (company) is legally obligated to act on a Data Principal’s request to correct or erase personal data, unless there is a valid legal reason to retain it (e.g., tax, regulatory obligations).
  • If the company ignores the request, the individual can escalate it to the Data Protection Board of India.
  • The Board can then direct the company to comply and may impose penalties for non-compliance.
Example

Krishna requests a telecom company to erase his old KYC documents after closing his connection.
If the company ignores him, he can escalate to the Board.
The Board may order the company to delete the data and impose a fine, since retention after closure serves no purpose.