Unless they are also a certificate authority, they cannot read the encrypted content of you communications since today almost all sites use TLS encryption. They can see the names of the domains you go to and the number of packets. You can determine a lot from such meta data and it is valuable. They likely sell this information (hopefully anonymized ) to advertisers and data brokers.
Note this is true of all ISPs and may be more or less applicable in India.
You can avoid ISP spying to an extent by using a vpn.