With the introduction of the General Data Protection Regulation (GDPR), we have seen an increase in the number of clients receiving Subject Access Requests (SARs). Are you able to handle and respond to them?
Find out the top 5 things to know about SARs below - for further guidance, contact the TrueSwift help team today.
What is a subject access request?:
A subject access request, is a request in writing or verbally, for an individual to be given access to all the information a company holds about them.
What information to provide:
Once a request has been made, you need to firstly respond with a confirmation that you acknowledge the request. Then you will need to provide that individual with all of the personal data you hold on them.
Time to respond:
You have 1 month from receipt of the request to respond to the individual with their access.
Making a response:
If no request has been made to respond in a certain format, then you are expected to respond via a “common electronic format”.
Charging a fee:
No, under the new regulations, a charge cannot be made to carry out the request.