Unlock AI Compliance: Master the new EU AI Act with our comprehensive guide.
Call Us at: +44 1772 217800 +353 01 554 9700 +1 303 317 5998
Call Us at: +1 303 317 5998

Share

2 min read

Writen by Zlatko Delev

Posted on: April 13, 2021

Do you know how to recognize a SAR?

As per the GDPR Regulative there are certain rights that data subjects can obtain. One of the rights is the Right to Access .

The right of access, commonly referred to as subject access, gives individuals the right to obtain a copy of their personal data, as well as other supplementary information. It helps individuals to understand how and why you are using their data, and check you are doing it lawfully.

An individual can make a SAR verbally or in writing, including on social media. A request is valid if it is clear that the individual is asking for their own personal data. An individual does not need to use a specific form of words, refer to legislation or direct the request to a specific contact.

An individual may ask a third party (eg a relative, friend or solicitor) to make a SAR on their behalf. You may also receive a SAR made on behalf of an individual through an online portal. Before responding, you need to be satisfied that the third party making the request is entitled to act on behalf of the individual. It is the third party’s responsibility to provide evidence of their authority.

What should you consider when responding to a request?

You must comply with a SAR without undue delay and at the latest within one month of receiving the request. You can extend the time to respond by a further two months if the request is complex or you have received a number of requests from the individual, eg other types of requests relating to individuals’ rights.

If you process a large amount of information about an individual, you may be able to ask them to specify the information or processing activities their request relates to, if it is not clear. The time limit for responding to the request is paused until you receive clarification, although you should supply any of the supplementary information you can do within one month.

Subject Access Request policy with all the following steps for responding to SAR and templates for responding for the same, can always make your life easier, so if you need to know more information on the following ,GDPR Local is here to help you.

Contact Us

Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
GDPR Local team.

Contact Us

Recent blogs

Article 14 Guide: Meeting Regulatory Requirements for Personal Data Not Directly Obtained from Data Subjects

Imagine a software-as-a-service (SaaS) company looking to grow its clientele by purchasing leads fr

Meet the GDPRLocal Team: Sibel Amet

Data protection is not an easy job, and sometimes it can get overwhelming. Working as a team, like

Empower Your AI Strategy: A Guide to ISO/IEC 42001 Implementation

In our recent blogs “The EU’s Artificial Intelligence Act and Its Implications for Business”

Get Your Account Now

Setup in just a few minutes. Enter your company details and choose the services you need.

Create Account

Get In Touch

Not sure which option to choose? Call, email, chat to us
anytime.

Contact Us
06 GDPR INFO

Stay Up-To-Date

Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.

Full Name is required!

Business Email is required!

Company is required!

Please accept the Terms and Conditions and Privacy Policy