THE SCHEDULE
[See section 33 (1)]
| Sl. No. | Breach of provisions of this Act or rules made thereunder | Penalty |
| (1) | (2) | (3) |
| 1. | Breach in observing the obligation of Data Fiduciary to take reasonable security safeguards to prevent personal data breach under sub-section (5) of section 8. | May extend to two hundred and fifty crore rupees. |
| 2. | Breach in observing the obligation to give the Board or affected Data Principal notice of a personal data breach under sub-section (6) of section 8. | May extend to two hundred crore rupees. |
| 3. | Breach in observance of additional obligations in relation to children under section 9. | May extend to two hundred crore rupees. |
| 4. | Breach in observance of additional obligations of Significant Data Fiduciary under section 10. | May extend to one hundred and fifty crore rupees. |
| 5. | Breach in observance of the duties under section 15. | May extend to ten thousand rupees. |
| 6. | Breach of any term of voluntary undertaking accepted by the Board under section 32. | Up to the extent applicable for the breach in respect of which the proceedings under section 28 were instituted. |
| 7. | Breach of any other provision of this Act or the rules made thereunder. | May extend to fifty crore rupees. |
Digital Personal Data Protection Act, 2023
Section 31 Alternate dispute resolution
Section 32 Voluntary undertaking
Section 34 Crediting sums realised by way of penalties to Consolidated Fund of India
Section 35 Protection of action taken in good faith
Section 36 Power to call for information
Section 37 Power of Central Government to issue directions
Section 38 Consistency with other laws
Section 39 Bar of jurisdiction
Section 40 Power to make rules
Section 41 Laying of rules and certain notifications
Section 42 Power to amend Schedule
Section 43 Power to remove difficulties
Section 44 Amendments to certain Acts