Editor’s Note: The Data Protection Commission (DPC) is the Irish supervisory authority for the General Data Protection Regulation (GDPR). In this recently published guidance note, DPC Ireland shares important information for both data requestors and controllers on the topic of Data Subject Access Requests (DSARs). This information is relevant for individuals and organizations seeking an understanding of the “right of access” to data under the GDPR and may also be helpful for organizations as they consider DSAR requirements under new regulations such as the California Consumer Privacy Act (CCPA).

Extract from DPC Ireland Guidance Note on Data Subject Access Requests

Data Subject Access Requests – FAQs*

The General Data Protection Regulation (GDPR), under Article 15, gives individuals the right to request a copy of any of their personal data which are being ‘processed’ (i.e. used in any way) by ‘controllers’ (i.e. those who decide how and why data are processed), as well as other relevant information (as detailed below). These requests are often referred to as ‘data subject access requests’, or ‘access requests’.

These requests must be responded to free of charge and in an accessible form, and controllers should seek to facilitate access requests being both made and responded to easily, including electronically where appropriate and where the individual wishes.

The following guidance should answer some of the most frequently asked questions by both individuals who are seeking copies of their personal data, as well as controllers who are struggling to deal with the access requests they are receiving.

Review the Complete Guidance Note (PDF)

FAQ Guide to Data Subject Access Requests – Oct – 2019

Read the original guidance note on Data Subject Access Requests

Copyrighted information note shared by permission of Regulations on the Re-use of Public Section Information

Additional Reading

Source: ComplexDiscovery

 

Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.

ComplexDiscovery OÜ is a highly recognized digital publication focused on providing detailed insights into the fields of cybersecurity, information governance, and eDiscovery. Based in Estonia, a hub for digital innovation, ComplexDiscovery OÜ upholds rigorous standards in journalistic integrity, delivering nuanced analyses of global trends, technology advancements, and the eDiscovery sector. The publication expertly connects intricate legal technology issues with the broader narrative of international business and current events, offering its readership invaluable insights for informed decision-making.

For the latest in law, technology, and business, visit ComplexDiscovery.com.

 

Generative Artificial Intelligence and Large Language Model Use

ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude, DALL-E2, Grammarly, Midjourney, and Perplexity, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).

ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on ComplexDiscovery.com. By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.