Aadhaar (Authentication and Offline Verification) Regulations, 2021 · III — Appointment Of Requesting Entities And
Regulation 16 Use of e-KYC authentication facility
(1) A KUA may use the e-KYC authentication facility provided by the Authority for obtaining the e-KYC data of the Aadhaar number holder for its own purposes.
(2) A KUA shall obtain specific permission from the Authority by submitting an application for sharing of e-KYC data with Sub-KUA and such data may be shared in encrypted form as per the guidelines issued by the Authority from time to time, with specific consent of Aadhaar number holder.
(3) The Sub-KUA with whom the KUA has shared the e-KYC data of the Aadhaar number holder shall not share it further with any other entity or agency.
(4) The Aadhaar number holder may, at any time, revoke consent given to a KUA/Sub-KUA for storing his e-KYC data, and upon such revocation, the KUA/Sub-KUA shall delete the e- KYC data in a verifiable manner and provide an acknowledgement of the same to the Aadhaar number holder.
(5) In addition to the restriction on further sharing contained in sub-regulation (3), all other obligations relating to the personal information of the Aadhaar number holder, data security and other relevant responsibilities applicable to requesting entities, shall also apply to the Sub-KUA with whom e-KYC data has been shared in accordance with this regulation 16.
(6) The KUA shall maintain auditable logs of all such transactions where e-KYC data has been shared with Sub- KUAs, for a period specified by the Authority.
Source: Wayback Machine snapshot of UIDAI's original publication.
(1) A KUA may use the e-KYC authentication facility provided by the Authority for obtaining the e-KYC data of the Aadhaar number holder for its own purposes.
(2) A KUA shall obtain specific permission from the Authority by submitting an application for sharing of e-KYC data with Sub-KUA and such data may be shared in encrypted form as per the guidelines issued by the Authority from time to time, with specific consent of Aadhaar number holder.
(3) The Sub-KUA with whom the KUA has shared the e-KYC data of the Aadhaar number holder shall not share it further with any other entity or agency.
(4) The Aadhaar number holder may, at any time, revoke consent given to a KUA/Sub-KUA for storing his e-KYC data, and upon such revocation, the KUA/Sub-KUA shall delete the e-KYC data in a verifiable manner and provide an acknowledgement of the same to the Aadhaar number holder.
(5) In addition to the restriction on further sharing contained in sub-regulation (3), all other obligations relating to the personal information of the Aadhaar number holder, data security and other relevant responsibilities applicable to requesting entities, shall also apply to the Sub-KUA with whom e-KYC data has been shared in accordance with this regulation 16.
(6) The KUA shall maintain auditable logs of all such transactions where e-KYC data has been shared with Sub- KUAs, for a period specified by the Authority.