The data protection act and the GDPR defines eight rights for Individuals.
Read on!Under GDPR, an individual, also known as a Data Subject has eight principle rights which are:
Our Erudite GDPR Solution provides a self-service page for Subject Access Requests or Help Desk based portal for your staff to take requests and record them.
Individuals have the right to be informed about the collection and use of their personal data.
Our Erudite GDPR Solution enables you to document purpose, legal basis, data retention and more.
Commonly known as the Subject Access Request (SAR), individuals have the right to obtain their personal data from you
Remember these facts:
A subject access request requires you to provide positive confirmation of processing plus:
Our Erudite GDPR Solution enables Data Subjects to Raise their own Right of Access Request on our portal or they can be stored via our Portal by your team.
The GDPR includes a right for individuals to have inaccurate personal data rectified, or completed if it is incomplete. The right of rectification gives individuals the power to ensure you represent them correctly and more importantly ensure a fair outcome when that data is used in a decision making process such as loan application or job application etc.
Data is considered inaccurate if its incorrect or misleading in any way.
Summary
Right of Erasure is commonly known as the Right to be Forgotten.
The right to erasure applies if:
The right to erasure does not apply when processing for the following reasons
Summary
Our Erudite GDPR Solution supports the Logging of Erasure requests and providers reminders to keep you on track.
Individuals have the right to request the restriction or suppression of their personal data. An individual can limit the way that an organisation uses their data and when processing is restricted, you can store the personal data, but not use it.
The GDPR suggests a number of different methods that could be used to restrict data, such as: temporarily moving the data to another processing system; making the data unavailable to users; or temporarily removing published data from a website
This right applies if:
Our Erudite GDPR Solution enables you to log requests to Restrict Processing and give reminders to keep you on track.
Individuals have a right to obtain their data and use it for their own purposes.
The right to data portability only applies when:
GDPR gives individuals the right to object to processing of personal data in certain circumstances.
This refers to making a decision using automation without a human and or automated processing of personal data to evaluate certain things about an individual.
You can carry out this type of decision-making where; the decision is: necessary for the entry into a contract or based on the individual’s explicit consent. You are required to give individuals information about automated individual decision-making, including profiling
Buying insurance online is an example of an automated decision making process that you then enter into a contract for.
Rights on automated decisions and profiling:
Our Free Trial gives full access to the functionality for a time limited period so you can fully explore our GDPR Solution called Erudite. Our no obligation Free Trial will let you see how our GDPR solution can add value to your business and make compliance with GDPR simpler and less daunting.
Let's Get Started!