Skip to content

Ultimate Governance, Risk &
Compliance  (GRC) Guides

What are GDPR data subject rights?

 

AI-powered. Integrated content.
Unique Hub & Spoke architecture.

What are GDPR data subject rights?

The General Data Protection Regulation (GDPR) is an EU law that was enacted in 2018 to protect the privacy of individuals and their personal data. It grants individuals certain rights in relation to their personal data, which are known as data subject rights. These rights are designed to give individuals more control over how their data is collected, used, and shared. The GDPR grants data subjects the right to access their personal data, the right to rectification of inaccurate or incomplete personal data, the right to erasure of their personal data, the right to restrict or object to the processing of their personal data, and the right to data portability. The right to access personal data allows individuals to request and receive a copy of the personal data that a data controller holds about them. Data controllers must provide this information in a concise, transparent, intelligible, and easily accessible form, using clear and plain language. The right to rectification allows individuals to request that any inaccurate or incomplete personal data held by a data controller be corrected. The right to erasure, also known as the right to be forgotten, allows individuals to request that their personal data be erased from the data controller’s systems. The right to restrict or object to the processing of personal data allows individuals to request that a data controller stop processing their personal data. The right to data portability allows individuals to request that their personal data be transferred from one data controller to another in a structured, commonly used, and machine-readable format. Data subjects also have the right to be informed about the collection and use of their personal data. Data controllers must provide individuals with clear and easily understandable information about how their personal data is being used and why. Finally, data subjects have the right to lodge a complaint with a supervisory authority if they feel that their rights have been violated. In order to ensure that data subjects are aware of their rights, data controllers must provide clear and transparent information about these rights. They must also provide clear and simple methods for submitting requests related to these rights. Data controllers must respond to data subject rights requests without undue delay and within one month from receipt of the request. Reponses to data subject rights request must be provided free of charge, except where the request is found to be unfounded, excessive, or repetitive in nature. In summary, the GDPR grants data subjects several rights in relation to their personal data. These rights are designed to give individuals more control over how their data is collected, used, and shared. Data controllers must provide clear and transparent information about these rights and must respond to data subject rights requests without undue delay and within one month from receipt of the request. .



6clicks is powered by AI and includes all the content you need.
Our unique 6clicks Hub & Spoke architecture makes it simple to use and deploy.

logo
logo
logo
logo
logo
logo

GET STARTED TODAY