Please enable JavaScript.
Coggle requires JavaScript to display documents.
Data Subjects (Rights of a Data Subject (Right of access (Formalities,…
Data Subjects
-
E.g. employees are data subjects of their employers, students are data subjects of their education providers
-
Sensitive Personal Data
Data in relation to:
•Racial or ethnic origin
•Political, religious, philosophical believes
•Trade union membership
•Physical/mental health
•Sexual life
•Commission/alleged commission of any offence or related proceedings/sentences
Express consent of the data subject must be obtained before sensitive personal data can be gathered or processed.
Exceptions e.g.; for statistical purposes
Personal data
-
Any information relating to an individual that can lead to the identification of that individual, either by or in conjunction with other information
-
Rights of a Data Subject
Right of access
-
Formalities, procedures and obligations
-
Subject seeking to access their personal data should give the controller any information necessary to identify his data
The controller is entitled to satisfy themselves as to the identity of the person making the request
Personal data relevant to the request should be communicated in an intelligible form, and a permanent copy should be supplied.
Third party information (the controller is not required to comply with the request if it requires disclosing data related to 3rd party, unless the 3rd party gave its consent or it is reasonable to comply with the request without the third party’s consent)
Exemptions (when a data controller may have a legitimate reason not to respond in full to a DAR, e.g. legally privileged documents)
Failing to comply with a data subject access request =>
a complaint with the Data Protection Commissioner => a formal ODPC complaints process, an audit and/or criminal prosecution
-
-
-