Data subject rights

Under the GDPR, data subjects – that is, individuals whose personal data is processed – have a series of rights aimed at ensuring control over their personal data. These rights are described in Articles 12-23 of the GDPR and are fundamental to ensuring transparency and the protection of data subjects’ privacy.

The main rights of data subjects include:

  1. Right of Access: The data subject has the right to obtain from the data controller confirmation as to whether personal data concerning them is being processed, and, if so, access to that data and detailed information about its use.
  2. Right to Rectification: This right allows the data subject to correct or complete inaccurate or incomplete personal data.
  3. Right to Erasure (Right to Be Forgotten): The data subject can request the deletion of their personal data when it is no longer necessary for the purposes for which it was collected, or in the event of withdrawal of consent or objection to processing.
  4. Right to Restriction of Processing: The data subject may request the restriction of the processing of their data under certain circumstances, such as when they contest the accuracy of the data.
  5. Right to Data Portability: This right allows the data subject to receive the personal data they provided to the data controller in a structured, commonly used, and machine-readable format, and to transmit it to another controller.
  6. Right to Object: The data subject has the right to object, at any time and for reasons related to their particular situation, to the processing of their personal data, especially if the processing is based on the controller’s legitimate interest.
  7. Right Not to Be Subject to Automated Decision-Making: The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, that produces significant legal effects concerning them.
  8. Right to Be Informed: Data subjects have the right to receive clear and transparent information on how their personal data is collected, used, shared, and stored (privacy notice).
  9. Right to Lodge a Complaint with a Supervisory Authority: Data subjects have the right to lodge a complaint with the relevant supervisory authority if they believe that the processing of their personal data violates the GDPR.

The GDPR requires data controllers to be proactive in ensuring that data subjects can exercise these rights easily and promptly, and that each request is handled transparently and efficiently.

Trust Guardian’s Approach to Data Subject Rights
Trust Guardian offers effective support to companies for managing data subject rights:

  • It enables the self-service management of consents by data subjects through myPrivacy, which allows them to modify their consents autonomously.
  • It includes the “Data Subject Rights Management” feature, which allows companies to create a centralized register of requests to exercise rights, monitoring activities and response times as required by the GDPR.
  • It facilitates timely responses to requests for access, rectification, erasure, and objection by centralizing privacy information for each data subject, with the creation of a Privacy History for each individual, making all necessary information easily accessible in just a few clicks.

Legal, ICT, marketing: comprendiamo le tue necessità

Vogliamo sollevarti dai grattacapi nella gestione di consensi e privacy dei clienti.

legal1 legal2

Come DPO, Legal & Compliance voglio gestire le contestazioni e recuperare prove e fatti
ict1 ict2

Come ICT voglio mettere ordine nei flussi di gestione della privacy dei clienti
marketer1 marketer2

Come Marketer voglio lavorare in tranquillità e sicurezza

Trust Guardian è perfetto per diversi casi d’uso

Ecommerce basket

Solutions for trade shows and events
Fidelity card

Solutions for Loyalty Cards
Stand

Solutions for Marketers
This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.