Decisions
 
FAQ
 
Themes
 
 
 
 
Security
Search

Keywords




 

Rights of individuals



  • The right to be informed / Transparency: You have the right to know who is processing your data, what categories of data they are using and why. The organisations processing your data must give you clear information in plain language (for more details see Articles 12, 13 and 14 of the GDPR).

  • The right of access: You have the right to request access to your personal data that an organisation has about you (for more details see Article 15 of the GDPR). You can exercise this right free of charge in most cases by making an access request in writing or verbally, if you wish to.

  • The right to rectification: You have the right to have the data rectified, if your data is inaccurate and/or incomplete (for more details see Articles 16 & 19 of the GDPR).

  • The right to erasure (‘right to be forgotten’): You have the right to have your personal data erased under specific conditions, such as where your data is no longer necessary, you have withdrawn your consent, your data has been unlawfully processed etc. (for more details see Articles 17 & 19 of the GDPR).

  • The right to restriction of processing: You have the right to obtain restriction of processing where the accuracy of your personal data is contested, the processing is unlawful, the controller no longer needs the personal data for the purposes of the processing, you have objected to automated processing (for more details see Articles 18 and 19 of the GDPR).

  • The right to data portability: You have the right to have your data transmitted to another data controller (for more information see Article 20 of the GDPR).

  • The right to object: You have the right to object to the processing of your personal data by an organisation, provided that this is not contrary to the public interest (for more details see Article 21 of the GDPR).

  • The right to human intervention: You have the right to object where a decision is based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you (for more details see Article 22 of the GDPR).