A Data Fiduciary may process personal data of a Data Principal for any of the following uses, namely:—

1. for any purpose for which the Data Principal has voluntarily provided her personal data to the Data Fiduciary, and in respect of which she has not indicated to the Data Fiduciary that she does not consent to the use of her personal data;
2. for the State and any of its instrumentalities to provide or issue to the Data Principal such subsidy, benefit, service, certificate, licence or permit as may be prescribed;
3. for the performance of any function under any law for the time being in force in India or in the interest of sovereignty and integrity of India or security of the State;
4. for fulfilling any obligation under any law for the time being in force in India on any person to disclose any information to the State or any of its instrumentalities, subject to such processing being in accordance with the provisions of any law for the time being in force;
5. for compliance with any judgment or decree or order issued under any law for the time being in force in India, or any judgment or order relating to claims of contractual or civil nature under any law for the time being in force outside India;
6. for responding to a medical emergency involving a threat to the life or immediate threat to the health of the Data Principal or any other individual;
7. for taking measures to provide medical treatment or health services to any individual during an epidemic, outbreak of disease, or any other threat to public health; and
8. for taking measures to ensure safety of, or provide assistance or services to, any individual during any disaster, or any breakdown of public order.