General Data Protection Regulation (GDPR) is recognised as the largest data legislation overhaul which was introduced to ensure total protection of personal data.
As a result of GDPR, individuals now have more rights relating to the protection of their personal data and businesses have greater requirements around how they can gather, store and use this personal data. Personal data stored by companies needs to be current, accurate, accessible to the owners and only used for its intended purpose, otherwise, it must be deleted.
Below, we have outlined some of the personal rights enshrined in GDPR legislation.
DATA ACCESS
If a company is storing your personal data, you have the right to contact them and request a copy of all of your data currently being held by them. Personal data can include things like CCTV footage, digital records or written records of personal data. The company must comply with your request within one month.
RIGHT TO BE INFORMED
If a company is collecting your personal data, then you have the right to be informed of the collection.
RIGHT TO BE FORGOTTEN
This refers to your right to ask companies to delete your personal data from their collection.
PROCESSING RESTRICTION
You have the right to ask companies to stop processing your data (e.g. modifying data, recording data, etc.). Personal data can still be retained for storage.
DATA PORTABILITY
Companies need to store your personal data in a portable format to ensure it can be transferred easily upon your request.
AUTOMATED PROCESSING
Automated processing (data processing without human involvement) is not lawful unless you have consented to it (except in cases where it is required due to public interest).
This should give a quick overview of some of the chief rights enshrined in the GDPR. If you believe your GDPR rights have been breached, get in contact with us today.