The DPDPA 2023 obligates significant data fiduciaries to appoint a Data Protection Officer (DPO) who shall –
- Represent the Significant Data Fiduciary
- Be based in India
- Be an individual responsible to the Board of Directors or similar governing body of the Significant Data Fiduciary
- Be the point of contact for the grievance redressal mechanism