Handling data subject requests—flowchart


Published by a ³ÉÈËÓ°Òô Risk & Compliance expert
Flowcharts

Handling data subject requests—flowchart


Published by a ³ÉÈËÓ°Òô Risk & Compliance expert

Flowcharts
imgtext

The UK General Data Protection Regulation (UK GDPR) provides a number of rights for data subjects, including providing a right of access to their personal data, rights to rectification, erasure, restriction of processing and data portability, a right to object to processing and a right not to be subject to a decision based solely on automated decision making, including profiling.

Data subjects can make a request to an organisation to exercise one or more of these rights at any time and there are strict time limits for complying with requests made. See Practice Note: How to handle data subject requests.

This Flowchart maps out a process for handling data subject requests received under the UK GDPR. It reflects requirements in the UK GDPR together with guidance issued by the Information Commissioner’s Office (ICO). It should be read in conjunction with Practice Note: How to handle data subject requests and the following detailed Flowcharts for handling requests under specific data subject rights:

  1. •

    Evaluating a data subject access request—flowchart

  2. •

    Evaluating a data rectification request—flowchart

  3. •

    Evaluating a data

Powered by Lexis+®
Jurisdiction(s):
United Kingdom
Related legal acts:

Popular documents

UK GDPR—the basics

UK GDPR—the basicsThis Practice Note explains, in simple terms, the key features of the UK General Data Protection Regulation (UK GDPR). See also Precedent: Data protection quick reference guide.This Practice Note is intended for non-privacy specialists and there are separate, more detailed,

Can I charge a fee for dealing with a data subject access request?

Can I charge a fee for dealing with a data subject access request?The General Data Protection Regulation (GDPR) provides for enhanced rights for data subjects including providing rights of rectification, erasure and restriction of processing, data portability, a right to object to processing and a

Data subject access request form

Data subject access request formPlease complete this form if you wish to request access to your personal data. You do not have to use this form, but it will help us to deal with your request as quickly and effectively as possible if you do.You can also use this form if you are requesting access to

Data protection officer—DPO—job description and role profile

Data protection officer—DPO—job description and role profile1DPO detailsName of organisation[Insert name of organisation]Name of DPO[Insert name]Reports to[Insert name and/or position]Full time/part time[Insert]Details of any other roles held within the organisation[Insert details of any other roles