Share

2 min read

Writen by Zlatko Delev

Posted on: April 13, 2021

Do you know how to recognize a SAR?

As per the GDPR Regulative there are certain rights that data subjects can obtain. One of the rights is the Right to Access .

The right of access, commonly referred to as subject access, gives individuals the right to obtain a copy of their personal data, as well as other supplementary information. It helps individuals to understand how and why you are using their data, and check you are doing it lawfully.

An individual can make a SAR verbally or in writing, including on social media. A request is valid if it is clear that the individual is asking for their own personal data. An individual does not need to use a specific form of words, refer to legislation or direct the request to a specific contact.

An individual may ask a third party (eg a relative, friend or solicitor) to make a SAR on their behalf. You may also receive a SAR made on behalf of an individual through an online portal. Before responding, you need to be satisfied that the third party making the request is entitled to act on behalf of the individual. It is the third party’s responsibility to provide evidence of their authority.

What should you consider when responding to a request?

You must comply with a SAR without undue delay and at the latest within one month of receiving the request. You can extend the time to respond by a further two months if the request is complex or you have received a number of requests from the individual, eg other types of requests relating to individuals’ rights.

If you process a large amount of information about an individual, you may be able to ask them to specify the information or processing activities their request relates to, if it is not clear. The time limit for responding to the request is paused until you receive clarification, although you should supply any of the supplementary information you can do within one month.

Subject Access Request policy with all the following steps for responding to SAR and templates for responding for the same, can always make your life easier, so if you need to know more information on the following ,GDPR Local is here to help you.

Recent blogs

Guidance for the use of personal data in political campaigning

Introduction It is vital in any democratic society that political parties and campaigners are ab

GDPR Regulations for CCTV , Photography and Video equipment and drones.

CCTV In general, CCTV is directed at viewing and/or recording the activities of individuals. The

Transferring personal data by USB device

USB devices offer a convenient way to transfer data between two computers. However, their small phy

Get Your Account Now

Setup in just 5 minutes. Enter your company details and choose the EU Representative services you need.

Give Us a Call

Not sure whether EU Representative applies to you or which option to choose? Call, email, chat to us anytime.

06 GDPR INFO

Stay Up-To-Date

Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.