Right to Data Portability – art. 12, 20

Right to Data Portability – art. 12, 20 A data subject has the right to move, copy, or transfer personal data from one data controller to another, in a safe and secure way, in a commonly used and machine-readable format. Wherever technically possible, this also includes the right to have the data transferred directly from […]

Read more
Right to Restriction of Processing – art.12, 18

Right to Restriction of Processing – art.12, 18 A data subject has the right to block or suppress personal data being processed or used. This means that an individual can limit the way that an organisation uses their data. This is an alternative to requesting the erasure of their data. Individuals have the right to […]

Read more
Right to Erasure (Right to Be Forgotten) – art. 12, 17

Right to Erasure (Right to Be Forgotten) – art. 12, 17 A data subject has the right to have personal data permanently deleted. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances. Individuals have the right to have their personal data erased if: the […]

Read more
Right to Correction (“Rectification”) – art. 12, 16

Right to Correction (“Rectification”) – art. 12, 16 Under Article 16 of the GDPR a data subject has the right to have incorrect or incomplete data corrected. An individual may also be able to have incomplete personal data completed – although this will depend on the purposes for the processing. This may involve providing a supplementary […]

Read more
Right to Access – art. 12,15

Right to Access – art. 12,15 After data is collected, a data subject has the right to know how it has been collected, processed, and stored, what data exists, and for what purposes. Summary: Individuals have the right to access their personal data. This is commonly referred to as subject access. Individuals can make a subject […]

Read more
Right to Be Informed – art.12,13,14

Right to Be Informed – art.12,13,14 Before data is collected, a data subject has the right to know how it will be collected, processed, and stored, and for what purposes. Create easy-to-read policies that provide explicit details on what information is being stored on an individual—and how it will be used. Ensure all data collection processes […]

Read more
Time limits for responding to a Data Subject Request

The data controller needs to provide a reply to all requests relating to subject rights within one month from receipt. This can be extended by two months where the request is complex, or you receive several requests from the same applicant. If this is the case, the Data Subject will be informed of the delay […]

Read more
Data Subject Request

A data subject is any person whose personal data is being collected, held or processed. Personal data can refer to anything from name, address or posts on social media. As a result, anyone becomes at some point a data subject – whether they are applying for a job, booking a flight, using their credit card […]

Read more
YOUR EMPLOYEES’ PRIVACY MUST BE PROTECTED

It is not only an organisation’s clients that are protected under the General Data Protection Regulation (GDPR), but employees as well. The new law aims to strengthen people’s rights to privacy and protect their personal data. This does not just apply to people opting into the company’s online marketing campaigns, but rather everyone involved with […]

Read more
Employee Awareness and Training

It is vital that each and every employee is aware of the GDPR protocols and are trained to handle the data they receive within the appropriate manner. As an employer, you can help your employees comply with the new regulation and protect against breaches by developing a comprehensive communication and training strategy. In fact, the […]

Read more