SCHEDULE
Sec 26
| S No | Subject Matter of Breach | Penalty |
| 1 | Breach in observing the obligation of Data Fiduciary to take reasonable security safeguards to prevent personal data breach, under sub-section (5) of section 8 | May extend to two hundred and fifty crore rupees. |
| 2 | Breach in observing the obligation to give the Board or affected Data Principals notice of a personal data breach, under sub-section (6) of section 8 | May extend to two hundred crore rupees. |
| 3 | Breach in observance of additional obligations in relation to children, under section 9 | May extend to two hundred crore rupees. |
| 4 | Breach in observance of additional obligations of Significant Data Fiduciary, under section 10 | May extend to one hundred and fifty crore rupees. |
| 5 | Breach in observance of the duties under section 15 | May extend to ten thousand rupees. |
| 6 | Breach of any term of voluntary undertaking accepted by the Board under section 32 | Up to the extent applicable for the breach in respect of which the proceedings under section 28 were instituted. |
| 7 | Breach of any other provisions of this Act, or rules made there under | May extend to fifty crore rupees. |