SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

Proof of compliance with GDPR & Data Subject Request Register

  Quote
Guest
Guest user Created:   Oct 14, 2021 Last commented:   Oct 19, 2021

Proof of compliance with GDPR & Data Subject Request Register

When a client of ours asks for proof of GDPR compliance what do companies normally provide? Also, in the 07.24_Data_Subject_Requests_Communication_Register_Premium_EN document I don't see a slot for the name/email of the data subject. Part of me thinks that makes sense as if you are asked to delete their info yet keep it in that document then you technically didn't completely delete it? The other part of me wonders how that demonstrates compliance when you can't link it back to a particular data subject request?
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Alessandra Nisticò Oct 19, 2021

I assume that you are referring to the compliance to the data subject request to delete personal data.

Compliance with GDPR starts from a good privacy notice where it is clear how data subjects can exercise their rights. It may be implemented by a reply to the data subject's request to exercise its rights, where the data controller explains how the data subject request is handled and the confirmation that the request has been accepted or denied. Of course, the delation of data will refer to data that are processed under consent on a legal basis. If some personal data are necessary to be processed under another legal basis, then the data controller will have the right to keep those data and process for that purpose. For example, the data controller may need to keep the name and some personal information of the data subject to fulfill the obligation on invoicing. You should keep a register of data subjects' requests in order to demonstrate compliance with the obligation of assuring the rights of data subjects.  

Here you can find more information about how to handle data subjects rights:

If you need to understand how to implement compliance with GDPR you may consider enrolling in our free EU GDPR Foundations Course: https://training.advisera.com/course/eu-gdpr-foundations-course/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 14, 2021

Oct 19, 2021

Suggested Topics

Guest user Created:   May 18, 2022 EU GDPR
Replies: 0
0 0

Questions about CCTV in GDPR

Guest user Created:   May 18, 2022 EU GDPR
Replies: 1
0 0

Data Subject Access Request