India’s Digital Personal Data Protection Act, 2023 (DPDPA) governs how organisations handle digital personal data about individuals in India. Pet grooming salons, daycare centres, and pet retailers that collect client phone numbers, addresses, pet health notes, and payment references in PetConnect should understand how the DPDPA applies to them.
Laws and frameworks covered
Digital Personal Data Protection Act, 2023 (India) · Rules and notifications issued under the DPDPA · Data Protection Board of India
Disclaimer: This Help Center article is general information only—not legal advice. Consult a qualified privacy lawyer in your jurisdiction for compliance specific to your business.
Who the DPDPA applies to
The Act applies to processing of digital personal data within India, and to processing outside India if it relates to offering goods or services to individuals in India.
Your salon is typically a Data Fiduciary when you decide why and how client data is used. PetConnect generally acts as a Data Processor when it stores and processes that data on your behalf under contract.
Very small businesses should still follow notice and consent rules; larger organisations may later be classified as Significant Data Fiduciaries with extra duties (DPO-like appointments, audits, DPIAs)—watch Central Government notifications.
Consent, notice, and lawful processing
For most marketing SMS, email campaigns, and non-essential uses, you need clear, informed consent from the client (or parent/guardian where applicable). Consent must be as easy to withdraw as to give.
Publish a privacy notice in English (and local languages where practical) explaining what you collect in PetConnect—contact details, pet profiles, appointment history, payment metadata—and who you share it with.
Certain legitimate uses may allow processing without fresh consent in specific cases defined in the Act (for example some employment or statutory purposes). Routine client booking usually relies on consent and contract.
Data Principal rights
Clients (Data Principals) may request access to a summary of personal data and processing activities, correction of inaccurate data, erasure when consent is withdrawn (subject to legal retention), and nomination of another person to exercise rights in the event of death or incapacity.
They may also use a grievance redressal process: you must respond within a prescribed period before they escalate to the Data Protection Board of India.
Train reception staff to route “data access” or “delete my details” requests to the owner. Use PetConnect profile and export tools to fulfil requests and keep a log of responses.
Security, breaches, and cross-border transfers
Implement reasonable security safeguards—role-based PetConnect access, strong passwords, and no sharing exports on personal WhatsApp or unsecured devices.
If a personal data breach affects clients, assess whether notification to the Board and affected individuals is required under DPDPA rules as they come into force.
Transfers outside India are permitted only to countries notified by the Central Government, or under approved contracts/clauses. Ask PetConnect support for current hosting locations and transfer terms if you export data or operate across borders.
Using PetConnect in India
Capture SMS and marketing opt-in at booking. Honour opt-outs in the inbox module.
Collect only pet health information needed for safe grooming. Restrict sensitive fields to senior staff roles.
Document your vendor list (PetConnect, Adyen, SMS gateway) in your privacy notice as processors or recipients.
Frequently asked questions
Does PetConnect comply with these laws for me?
PetConnect provides tools and contractual processor terms, but you remain responsible for how you collect, use, and disclose client data in your salon.
Which article should I read if I have stores in multiple countries?
Read the guide for each country where you have a store, plus the privacy overview and retention/export article. Align brand policies to the strictest requirement.
Can PetConnect help with a client access request?
Use in-app export and profile editing. For platform-level questions, email support@pet-connect.co.
Do I need a Data Protection Officer?
Depends on law and scale—GDPR, LGPD, and Quebec Law 25 may require one in some cases. Ask your legal adviser.
Where is data stored?
Confirm current hosting and sub-processor locations with PetConnect support for transfer and disclosure documentation.
Summary
Indian salons should align PetConnect use with DPDPA: clear notices, valid consent, Data Principal rights, security, and compliant cross-border transfers.
Was this article helpful?
Thanks for your feedback.
Still need help? Email support@pet-connect.co