Small Entity Exemption Under India’s Digital Personal Data Protection Rules, 2025: What It Means for the Optical Industry

CORE_Summarizes_TFOS_DEWS_III_Reports_to_Boost_Dry_Eye_Knowledge_(20).jpg

The Digital Personal Data Protection (DPDP) Rules, 2025—officially notified on 14 November 2025—introduce a transformative compliance relief mechanism for micro and small businesses in India. One of the most relevant provisions for the optical and eye-care sector is the Small Entity (Small Data Fiduciary) Exemption, designed to ease the regulatory burden on low-volume practitioners who handle limited personal data.

Who Qualifies as a Small Entity?

• Handles low volumes of personal data (e.g., neighbourhood optical stores)

• Does not process sensitive health data at scale

• Classified as MSME or small-scale establishment

• Limited operations such as a single shop or rural practice

Major Compliance Exemptions for Small Entities

Small Entities are not required to:

• Appoint a Data Protection Officer (DPO)

• Conduct DPIAs

• Undergo annual third?party audits

• Maintain purpose registers

• Implement advanced grievance frameworks

• Deploy enterprise-grade cybersecurity systems

Obligations That Still Apply

• Clear privacy notice

• Explicit consent

• Purpose limitation

• Basic digital security

• Consent withdrawal & data deletion rights

• Reporting significant data breaches

• Parental consent for children’s data

When the Exemption Does Not Apply

• Large-scale processing of health data

• Large-scale children’s data (e.g., school screenings)

• Multi-outlet operations

• Automated profiling or targeted marketing

• Entities classified as Significant Data Fiduciaries

Practical Impact on India’s Optical Industry

Most Likely to Qualify for exemptions :

• Independent optical stores

• Solo optometry clinics

Not Likely to Qualify for exemptions:

• Multi-store optical chains

• High-volume speciality eye-care centres

• Franchise networks

Conclusion

The Small Entity Exemption offers a balanced framework that protects patient privacy while reducing compliance burdens for India’s optical and optometry sector.

The Importance of Precise Pupillary Distance (PD) Measurement in Dispensing Eyewear

The Importance of Precise Pupillary Distance (PD) Measurement in Dispensing Eyewear

Article by: Sanjay K Mishra scientist Dr R P Centre AIIMS, New Dehli, Rajesh Kumar, Senior Optometrist, PGIMS, Univ of Health Sciences, Rohtak,&n...

read more
Uncorrected Refractive Error: India's Largest cost-effective Preventable Productivity Loss—and Its Greatest Growth Opportunity

Uncorrected Refractive Error: India's Largest cost-effective Preventable Productivity Loss—and Its Greatest Growth Opportunity

By Ramachandran P. (Ram) India stands at a unique crossroads. With the world's largest population and one of its youngest workforces, the country has the...

read more
Cult glasses to have in your collection

Cult glasses to have in your collection

Do you know the secret to always wearing the right glasses at the right time and with the right outfit ?  No, it's not...

read more
Untreated Cataract Can Lead to Blindness

Untreated Cataract Can Lead to Blindness

Naushaba Afreen, B. Optometry (3rd year), Manipal Tata Medical College [MAHE] Introduction Cataract is the leading cause of preventable blindness worldwid...

read more
CONTACT LENS AND CORNEA : WHAT YOU SHOULD KNOW?

CONTACT LENS AND CORNEA : WHAT YOU SHOULD KNOW?

Puja Sarkar, Anterior Segment Department, Dr. Shroff’s Charity Eye Hospital, New Delhi In the world of vision correction, contact lenses offer fre...

read more