Enter to open, tab to navigate, enter to select
Handling Data Subject Requests Under the GDPR Toolkit
Practical Law Toolkit w-013-1684 (Approx. 12 pages)
Handling Data Subject Requests Under the GDPR Toolkit
by Practical Law Data Privacy & Cybersecurity
| Maintained • European Union |
Resources to assist organizations acting as controllers with handling data subject requests including data subject access requests (DSAR) under the EU General Data Protection Regulation (GDPR). This Toolkit includes standard forms covering the different types of data subject requests and template controller response letters.
For a UK version, see Toolkit, Handling data subject requests toolkit (UK).
The EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) grants data subjects certain rights relating to their personal data and imposes obligations on controllers when handling data subject requests.
This Toolkit includes:
- Standard forms for controllers to provide to data subjects to exercise their rights relating to their personal data under Articles 15 to 18 and 20 to 22.
- Template controller response letters.
- A Practice Note on using data mapping to assist recordkeeping compliance efforts.
- A form for tracking the status and disposition of data subject requests.
- An internal policy on procedures for handling data subject requests.
For information on data subjects' rights under the GDPR, see Practice Note, Data Subject Rights Under the GDPR and Responding to Data Subject Requests Under the GDPR Checklist.