Data Subject Access Request
Assign topic to the user
The right to access is a fundamental right of the data subject. As stated in Article 15 GDPR - Right of access by the data subject – paragraph 3: “The controller shall provide a copy of the personal data undergoing processing”. However, paragraph 4 states that “The right to obtain a copy referred to in paragraph 3 shall not adversely affect the rights and freedoms of others”. So you should redact out personal data of other data subjects (including usernames, pseudonyms, etc), intellectual-property protected data, and confidential data (including customer names, customer financial info, discounts, financial offerings, invoices, contracts, etc).
Advisera’s EU GDPR Premium Toolkit might help you in this endeavor because part of the toolkit we have a template for a Data Subject Access Request Procedure as well as templates for disclosure forms.
Please visit these links for more details:
- Article 15 GDPR: https://advisera.com/eugdpracademy/gdpr/right-of-access-by-the-data-subject/
How to handle data subject access requests: https://advisera.com/eugdpracademy/blog/2021/03/04/how-to-handle-data-subject-access-requests/ - EU GDPR Data Subject Access Request Flowchart: https://info.advisera.com/eugdpracademy/free-download/eu-gdpr-data-subject-access-request-flowchart
- EU GDPR PREMIUM DOCUMENTATION TOOLKIT: https://advisera.com/eugdpracademy/eu-gdpr-premium-documentation-toolkit/
Comment as guest or Sign in
May 20, 2022