The General Data Protection Regulation (GDPR) gives data subjects rights over their own personal data, including the right of access to personal data processed by a controller (Article 15). In practice, the data subject can ask an organisation to access
Under the General Data Protection Regulation (GDPR), individuals have several rights over their personal data (i.e. right of access, right to data portability etc.)
Controllers and to some extent processors of personal data must be able to handle individual’s rights requests without delay and, in any event, within a month of the receipt of the request. Therefore, they should implement all the technical and organisational measures necessary to respond efficiently to any potential inquiry.
The right to data portability is the new individual’s right provided in article 20 (1) of the new data protection regulation (GDPR).
This new right allows data subjects to ask data controllers to provide him/her or another data controller of their choice with a copy of the personal data they have provided for the data subject or the recipient controller to re-use the data to provide its service.