Privacy Rights for GDPR Compliance
The GDPR awards a list of privacy rights to data subjects. These rights aim to give people more awareness and control over their data and how it's used. As an organization, it's essential to understand the nature and scope of these rights so you can stay compliant with the GDPR.
The Right to be Informed
- Data subjects have the right to be informed about the collection and use of their personal data. This creates a variety of obligations for organizations.
The Right of Access
- Data subjects have the right to access their personal data and information about how personal data is processed. A data subject can request a copy of the actual data being processed via a data subject request.
The Right of Rectification
- Data subjects have the right to have inaccurate or incomplete personal data rectified and completed.
The Right of Erasure
- Data subjects have the right to be forgotten was refined down to a more limited right of erasure in the GDPR.
The Right to Restrict Processing
- Data subjects have the right to request the restriction or suppression of their personal data.
The Right to Object
- Data subjects have the right to object to how their information is used for marketing, sales, or non-service-related purposes.