The keystone of information security has been access control. Very often, User data is misused and users are oblivious to the use of their data by unauthorized parties. Current strategies to provide storage for confidential data and subsequent authentication involve relying on a trusted third party for the same, which could be victims of Denial of Service (DoS) attacks or technical failures. This paper examines a strategy where the underlying framework for providing Access Control is the blockchain, hence decentralizing the mechanism of providing access control. Further in this paper, we demonstrate and model the User Data access on the Ethereum framework. Personal Information of the user by a website or an application is retrieved on a need-to-know basis from the off-blockchain, as determined by the user, the true owner of the data. Personal data is highly protected and the different permissions to different websites or applications are determined by the Smart Contract.