Social Media Policy (India)
SOCIAL MEDIA POLICY
Company: [Company Name]
Effective Date: [Effective Date] | Policy Owner: [Policy Owner]
This Social Media Policy ("Policy") is adopted by [Company Name] ("Company") and is governed by the Information Technology Act 2000 (IT Act), the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021 (IT Rules 2021), the Digital Personal Data Protection Act 2023 (DPDPA 2023), the Copyright Act 1957, and applicable labour laws. The Policy applies to all employees, contractors, and authorised brand representatives.
1. SCOPE
1.1 This Policy governs the use of all social media platforms — including but not limited to LinkedIn, Twitter/X, Facebook, Instagram, YouTube, WhatsApp, Telegram, ShareChat, and any other public or semi-public digital platform — by employees of the Company, both in their personal capacity and when representing the Company.
1.2 The Policy applies to social media use on both company-issued and personally-owned devices (subject to the Company's BYOD Policy).
2. PERSONAL SOCIAL MEDIA USE
2.1 Personal Use During Working Hours: [Personal Use Work Hours]. Use of personal social media on Company-issued equipment that is excessive or that interferes with work duties is prohibited.
2.2 Disclaimer: [Disclaimer Required]. The standard disclaimer is: 'All views expressed on this account are my own and do not represent the views of my employer.' This disclaimer helps prevent confusion between the employee's personal opinions and the Company's official position.
2.3 Prohibited Personal Posting: Employees must not, on any personal or professional social media account: (a) disclose confidential Company information, trade secrets, client data, or — for listed companies — unpublished price-sensitive information (UPSI) under SEBI Insider Trading Regulations 2015; (b) make defamatory statements about the Company, its directors, employees, clients, or competitors (actionable under Section 499 of the Bharatiya Nyaya Sanhita 2023); (c) post content that could constitute harassment, discrimination, or bullying of colleagues or third parties, or that could constitute sexual harassment under the POSH Act 2013; (d) share copyrighted images, videos, or articles without proper attribution or a valid licence (Copyright Act 1957); (e) impersonate the Company or any of its employees or officers (Section 66D, IT Act 2000).
3. OFFICIAL COMPANY SOCIAL MEDIA ACCOUNTS
3.1 Official social media accounts of the Company are managed exclusively by the [Official Account Owner]. No employee may create, modify, or operate an official Company social media account without specific written authorisation.
3.2 Content Approval: All content published on official accounts is subject to the following approval process: [Content Approval]. Crisis communications and statements on legally sensitive topics (litigation, regulatory investigations) must be reviewed by legal counsel before publication.
3.3 Grievance Redressal: In accordance with the IT Rules 2021, the Company has designated a Grievance Officer for receiving and resolving complaints related to the Company's digital content: [Grievance Officer].
3.4 Media Enquiries: All enquiries from journalists, analysts, or media organisations received through social media must be referred to the designated communications contact and must not be responded to directly by employees without authorisation.
4. DATA PRIVACY AND SECURITY
4.1 Employees must not share personal data (names, contact details, photos, or any other identifying information) of customers, employees, or other individuals on social media without the explicit consent of the individuals concerned, consistent with the DPDPA 2023.
4.2 Employees must not share photos of Company premises, equipment, proprietary processes, or internal documents that could reveal confidential information.
4.3 Social media accounts used for Company purposes must be secured with strong passwords and two-factor authentication. Any unauthorised access to a Company social media account must be reported to IT security immediately.
5. ENFORCEMENT AND REVIEW
5.1 Violations of this Policy may result in disciplinary action, up to and including termination of employment, consistent with the Company's disciplinary procedure and applicable labour law.
5.2 For violations that also constitute criminal offences under the IT Act 2000, the Bharatiya Nyaya Sanhita 2023, or other applicable laws, the Company may report the matter to law enforcement authorities.
5.3 This Policy shall be reviewed annually and updated as required to reflect changes in applicable law (including the IT Rules 2021 and DPDPA 2023) and social media platform developments.
5.4 This Policy is governed by the laws of India and the laws of the State of [Governing State].
Authorised Signatory
________________
Signature
Employee Acknowledgement
________________
Signature
What Is a Social Media Policy (India)?
A Social Media Policy in India establishes the framework of rules governing the area it covers and the steps taken when those rules are broken.
The proliferation of social media has created new legal and reputational risks for Indian employers. A careless post by an employee can disclose confidential information, breach insider trading regulations (for listed companies under SEBI Insider Trading Regulations 2015), defame competitors, or damage the company's brand with customers. Conversely, employees have a legitimate interest in expressing their views online, and overly restrictive policies risk infringing on rights of free expression.
The IT Rules 2021 have significantly expanded the compliance obligations of social media platforms operating in India, and created a more transparent and accountable environment for online content. For companies that are themselves 'significant social media intermediaries' (those with more than 50 lakh users), or that use social media as a primary customer engagement channel, the IT Rules 2021 impose specific obligations including appointment of a Grievance Officer, a Nodal Contact Person, and a Chief Compliance Officer.
A Social Media Policy documents the company's guidelines for official social media management, employee personal use rules, brand protection measures, and the disciplinary consequences of policy violations. It is typically accompanied by a Social Media Brand Guide for the marketing team and an Acceptable Use Policy for general IT systems.
The legal framework governing the Social Media Policy (India) in India draws on several key statutes and regulatory bodies. Under Indian law, the Indian Contract Act 1872 governs contractual obligations, with Section 10 setting essential requirements for valid agreements. The Companies Act 2013 regulates corporate entities through the Registrar of Companies (ROC) and Ministry of Corporate Affairs (MCA). The Industrial Disputes Act 1947 and state labour commissioners govern employment disputes. The Information Technology Act 2000 and IT (Reasonable Security Practices) Rules 2011 protect personal data. The Income Tax Act 1961 and Goods and Services Tax Act 2017 govern tax obligations through the Central Board of Direct Taxes (CBDT) and GST Council. Parties executing a Social Media Policy (India) in India should confirm the document reflects current law, including any amendments enacted since the original drafting date. The Indian Contract Act, 1872 sets the foundational requirements.
When Do You Need a Social Media Policy (India)?
A Social Media Policy is essential for any Indian business with employees who have internet access and use social media — which today means virtually every business with a workforce.
Companies with a consumer-facing brand need a Social Media Policy to protect their reputation. A single ill-considered post by an employee can trigger a social media crisis — and without a clear policy, employers lack the framework to respond quickly and consistently.
Companies with publicly listed securities need a Social Media Policy that specifically addresses SEBI Insider Trading Regulations 2015 (Prohibition of Insider Trading) — employees who are 'designated persons' (insiders) are prohibited from communicating unpublished price-sensitive information (UPSI) through any channel, including social media.
Companies that operate official social media channels — marketing, customer service, and employer branding accounts — need a policy that defines who is authorised to manage these accounts, what types of content can be published, and how customer complaints received via social media are escalated to the grievance redressal mechanism required under the IT Rules 2021 and the Consumer Protection Act 2019.
Companies in regulated sectors — financial services, pharmaceuticals, healthcare, and food and beverage — need a Social Media Policy that is specifically calibrated to the additional restrictions imposed by sector regulators (RBI, SEBI, IRDAI, FSSAI) on marketing communications and financial promotions.
Any company that has recently experienced a social media incident — negative viral content, employee misconduct online, or a customer complaint campaign — should immediately formalise its social media policy to prevent recurrence.
Parties in India should prepare a Social Media Policy (India) proactively rather than waiting for a dispute to arise. Courts interpret agreements based on the written terms rather than oral representations. Under Indian law, the Indian Contract Act 1872 governs contractual obligations, with Section 10 setting essential requirements for valid agreements. The Companies Act 2013 regulates corporate entities through the Registrar of Companies (ROC) and Ministry of Corporate Affairs (MCA). The Industrial Disputes Act 1947 and state labour commissioners govern employment disputes. The Information Technology Act 2000 and IT (Reasonable Security Practices) Rules 2011 protect personal data. The Income Tax Act 1961 and Goods and Services Tax Act 2017 govern tax obligations through the Central Board of Direct Taxes (CBDT) and GST Council. Where the transaction involves regulated activities, prior approval from the relevant authority may be required before execution.
What to Include in Your Social Media Policy (India)
A thorough Social Media Policy for an Indian company should contain the following key elements.
Scope: Application to all employees (permanent, contractual, and temporary), interns, consultants, and authorised brand ambassadors. Distinction between personal social media use and use of official company accounts.
Personal Use Guidelines: Rules for employees posting on personal accounts, including disclaimers distinguishing personal views from company positions, prohibitions on disclosing confidential information, and guidelines on not disparaging the company or its clients.
Official Social Media Management: Rules for employees authorised to manage official company accounts, including content approval procedures, response templates, and escalation paths for complaints and crisis situations.
Confidentiality and Insider Information: Explicit prohibition on sharing confidential business information, trade secrets, or (for listed companies) unpublished price-sensitive information through social media.
Harassment and Discrimination: Prohibition on using social media to harass, bully, or discriminate against colleagues, customers, or other individuals — with cross-reference to the POSH Policy and Code of Conduct.
Copyright and Intellectual Property: Guidelines on sharing third-party content, using the company's brand assets, and attributing sources correctly to avoid copyright infringement under the Copyright Act 1957.
Privacy and DPDPA Compliance: Requirements to obtain consent before sharing personal data or images of identifiable individuals, consistent with the DPDPA 2023.
Media Relations: Procedure for referring media and analyst enquiries received via social media to the designated communications contact.
Enforcement: Statement that violations may result in disciplinary action up to termination, consistent with the company's disciplinary procedure.
Additional compliance elements for a Social Media Policy (India) used in India include: Under Indian law, the Indian Contract Act 1872 governs contractual obligations, with Section 10 setting essential requirements for valid agreements. The Companies Act 2013 regulates corporate entities through the Registrar of Companies (ROC) and Ministry of Corporate Affairs (MCA). The Industrial Disputes Act 1947 and state labour commissioners govern employment disputes. The Information Technology Act 2000 and IT (Reasonable Security Practices) Rules 2011 protect personal data. The Income Tax Act 1961 and Goods and Services Tax Act 2017 govern tax obligations through the Central Board of Direct Taxes (CBDT) and GST Council. Forms-legal.com provides this template as a starting point for India-compliant documentation.
Cite this page
Reference this free template in an article, syllabus, or research note:
Forms Legal. (2026). Social Media Policy (India) (India) [Legal document template]. Forms Legal. https://forms-legal.com/india/business/policies/social-media-policy-india
"Social Media Policy (India) (India)." Forms Legal, 2026, https://forms-legal.com/india/business/policies/social-media-policy-india.
@misc{formslegal-social-media-policy-india,
author = {{Forms Legal}},
title = {Social Media Policy (India) (India)},
year = {2026},
howpublished = {\url{https://forms-legal.com/india/business/policies/social-media-policy-india}},
note = {Free legal document template. Based on Indian Contract Act, 1872}
}Also available for these jurisdictions:
Frequently Asked Questions
Employee social media use in India is governed by a patchwork of statutes, rules, and judicial precedents — there is no single 'social media employment law' statute. Understanding the applicable legal framework is essential for drafting an effective Social Media Policy. The Information Technology Act 2000 (IT Act) is the foundational statute for digital communications in India. Section 66A of the IT Act (which criminalised offensive online messages) was struck down by the Supreme Court in Shreya Singhal v. Union of India (2015) as unconstitutional for being over-broad. However, Section 66C (identity theft), Section 66D (cheating by personation), Section 66E (violation of privacy), and Section 67 (publishing obscene material in electronic form) remain in force and have direct relevance to employee social media conduct. The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021 (IT Rules 2021) impose obligations on 'significant social media intermediaries' (those with over 50 lakh registered users in India) — including Twitter/X, Facebook, Instagram, LinkedIn, and YouTube — to establish due diligence mechanisms, grievance redressal officers, and compliance with government orders to take down content. These rules create accountability on both platforms and, indirectly, on employers who manage official social media channels. The Digital Personal Data Protection Act 2023 (DPDPA 2023) is a landmark new law that governs the processing of digital personal data in India.
The permissibility of employer monitoring of employee social media activity in India is governed by a complex interplay of constitutional rights, statutory data protection obligations, and contractual terms. At the constitutional level, the Supreme Court of India in Justice K.S. Puttaswamy (Retd.) v. Union of India (2017) (the Aadhaar Privacy Case) unanimously held that the right to privacy is a fundamental right protected under Article 21 of the Constitution. This right applies in private employment relationships to the extent that courts will scrutinise whether employer monitoring measures are proportionate and have a legitimate business purpose. The Digital Personal Data Protection Act 2023 (DPDPA 2023) is now the primary statutory framework for data processing in India. Under the DPDPA, employees are 'data principals' and employers are 'data fiduciaries.' The Act requires data fiduciaries to obtain the data principal's consent before processing their personal data, unless one of the narrow legitimate purposes exceptions applies. Employee monitoring programmes that capture personal data of employees — including tracking their social media profiles — require either explicit consent or a demonstrably legitimate business purpose. For monitoring of official corporate social media accounts and systems, employers have a much stronger legal basis.
A well-drafted Social Media Policy for an Indian company should impose the following categories of restrictions on employees, while being careful to balance legitimate business interests against employees' rights of free expression and privacy. Confidential Information: Employees must not disclose confidential business information — trade secrets, unpublished financial results, pending transactions, client information, strategic plans — through any social media channel. This restriction is grounded in confidentiality obligations under the employment contract, the law of equity (breach of confidence), and the DPDPA 2023 for personal data. The Companies Act 2013 (Section 180) and SEBI Insider Trading Regulations 2015 impose additional restrictions on disclosure of price-sensitive information by insiders of listed companies. Discrimination and Harassment: Employees must not post content that could constitute harassment, discrimination, or bullying of colleagues, customers, or other individuals on the basis of race, caste, religion, gender, sexual orientation, disability, or any other protected characteristic. Such conduct can expose the employer to liability for workplace harassment and violations of the Sexual Harassment of Women at Workplace (Prevention, Prohibition and Remediation) Act 2013 (POSH Act) if the social media conduct constitutes sexual harassment. Defamation: Employees must not make defamatory statements about the company, its officers, clients, competitors, or other employees.
A Social Media Policy (India) does not legally require a lawyer in India, and individuals and businesses may draft and execute the document independently. The Indian Contract Act, 1872 does not mandate legal representation for the creation or signing of this type of document. However, seeking independent legal advice from a qualified India lawyer is recommended for transactions involving substantial financial value, complex regulatory requirements, or cross-border elements where multiple legal jurisdictions may apply. A lawyer can verify that the document complies with all applicable statutory requirements, identify potential risks specific to the transaction, and confirm that the terms adequately protect the interests of all parties involved. The Supreme Court of India has jurisdiction over disputes arising from this type of document, and Registrar of Companies (ROC) may impose additional compliance obligations depending on the nature of the underlying transaction. Professional legal review is particularly advisable where the document will be submitted to government agencies or used as evidence in legal proceedings.
A Social Media Policy (India) does not legally require a lawyer in India, though legal advice is recommended. Under Indian law, the Indian Contract Act 1872 governs agreements. The Companies Act 2013 and Registrar of Companies (ROC) regulate corporate documents. The Information Technology Act 2000 governs electronic contracts and data protection. The Consumer Protection Act 2019 provides consumer rights. The Income Tax Act 1961 requires tax compliance. Forms-legal.com provides this template as a starting point — always review with a qualified Indian advocate for significant transactions. Under India law, Indian Contract Act, 1872, parties should seek independent legal advice from a qualified lawyer to confirm compliance with all applicable requirements. Under Indian law, the Indian Contract Act 1872 governs contractual obligations, with Section 10 setting essential requirements for valid agreements. The Companies Act 2013 regulates corporate entities through the Registrar of Companies (ROC) and Ministry of Corporate Affairs (MCA). Forms-legal.com provides this template as a starting point for India-compliant documentation.
This template is provided for informational purposes only and does not constitute legal advice. Laws vary by jurisdiction and change over time. Consult a qualified attorney for advice specific to your situation.Full disclaimer
Found an error? Let us knowRelated Documents
You may also find these documents useful:
Code of Conduct (India)
A comprehensive Code of Conduct for Indian companies compliant with the Companies Act 2013 (Section 149, Schedule IV), SEBI LODR Regulations 2015, and National Guidelines on Responsible Business Conduct 2019. Covers director and employee obligations, conflicts of interest, and ethical business standards.
BYOD Policy (India)
A Bring Your Own Device (BYOD) Policy for Indian businesses compliant with the Information Technology Act 2000, Digital Personal Data Protection Act 2023, and IT (Amendment) Rules 2022. Governs personal device use for work, data protection, device management, and acceptable use requirements.
AI Acceptable Use Policy (India)
An AI Acceptable Use Policy for Indian businesses compliant with the IT Act 2000, Digital Personal Data Protection Act 2023, and MEITY AI governance guidelines. Governs employee use of generative AI tools, data handling obligations, IP considerations, and prohibited use cases.