Data>Nuance
All insights
GuideHeightened duties

Children's data under Section 9 of the DPDP Act

Heightened duties for teams building products that may process a child's personal data.

Data>Nuance

Section 9 addresses processing personal data of children. Products that are used by, aimed at, or reasonably likely to include children require deliberate assessment before launch.

Operational questions

  • Can the service identify whether the heightened duty applies?
  • What verifiable parental consent mechanism is appropriate?
  • Could tracking, monitoring or advertising create prohibited risk?
  • Are vendors and analytics tools aligned with the same restrictions?

A children's-data review should be built into product approval, not deferred until a complaint occurs.

This publication is general information and is not legal advice for a specific organisation or matter.

Continue reading

DPDP Act

DPDP Act implementation roadmap for Indian businesses

A practical roadmap for Indian businesses turning DPDP Act obligations into owners, workflows, records and implementation controls.

Read insight

DPDP Act

DPDP applicability assessment for Indian organisations

How Indian organisations should test whether a workflow falls within the DPDP Act and document the resulting controls.

Read insight

Start with context

Book a focused DPDP Act consultation.

Bring an upcoming launch, notice review, data mapping question, incident readiness issue or implementation deadline. We will help identify the right next step.

Book consultation Submit a brief