GDPR Data Subject Access Request Policy

Importance of GDPR data subject access request policy

With the GDPR, the individual can request a list of new rights: therefore your company has to have a GDPR data subject access request (DSAR) policy. Writing your data subject access request policy you prove that you make an effort to comply with the GDPR.

DOWNLOAD OUR DATA SUBJECT ACCESS REQUEST POLICY

From 25 May 2018, one individual has the right to request:

– Confirmation that your company process their data;
– Access to their personal data;
– Other supplementary information provided in your privacy notice.

In fact, recital 63 of the GDPR states, “a data subject should have the right of access to personal data which have been collected concerning him or her, and to exercise that right easily and at reasonable intervals, in order to be aware of, and verify, the lawfulness of the processing.”

GDPR Data Subject Access Request Policy 1

Meanwhile, the GDPR states three important points that could change your company behaviour:

– the request must be free of charge for the individual (in most circumstances);
– you have to provide the information within one month;
– the individual should make the request electronically.

Consequently, you understand how it’s crucial for your company to create a data subject access request procedure.  This is a priority: that’s why we create a template easy and ready to use.

Furthermore, you need a document for the data subject access request.

DOWNLOAD OUR DATA SUBJECT ACCESS REQUEST POLICY