data subject rights • DPO.guide

FRA 2020 fundamental rights report outlines, among other things, the data protection developments in 2019.

This guidance aims to give practical advice to explain the processes, services and decisions delivered or assisted by AI.

The 8 steps will help you assess the compatibility of measures impacting privacy.

The Guidelines aim to provide guidance on the grounds for submitting a request for the right to be forgottenand the exceptions to the right to be forgotten in regards of search engines.

This guidance discusses the right of access in detail. Read it if you have detailed questions not answered in the Guide, or if you need a deeper understanding to help you apply the right of access in practice. It is aimed at data protection officers (DPOs) and those with specific data protection responsibilities in larger […]

Ireland’s data protection authority – the Data Protection Commission (DPC) – has published frequently asked questions (‘FAQs’) on data subject access requests (SARs). The FAQs highlight the circumstances in which an individual is entitled to make a SAR, the information an individual is entitled to when making a SAR, and the method an individual should […]

Guernsey’s Office of the Data Protection Authority (‘ODPA’) published guidance on the right to data portability. In particular, the Guidance provides information on data portability requests including, relevant fees, the response timeframe and format of the request. In addition, the Guidance differentiates between data portability requests and subject access requests, and includes a case study […]

Guidance on the use of Legitimate Interests under the EU General Data Protection Regulation

On October 22, 2018, the Future of Privacy Forum (FPF), the European Federation of Pharmaceutical Industries and Associations (EFPIA), and the Centre for Information Policy Leadership (CIPL) hosted a workshop in Brussels, “Can GDPR Work for Health Scientific Research?,” to discuss the processing of personal data for health scientific research purposes under the European Union’s […]

In connection with the EU General Data Protection Regulation (GDPR), many companies are wondering how to implement a “data deletion policy”. This article describes the essential steps that companies need to undertake when preparing a GDPR-compliant data deletion policy and the associated documentation.