Who has our personal data, and what are they doing with it?
The GDPR recognizes your right to know! And if you don’t like what you find out, the GDPR gives you the right to do something about it.
As EU citizens come to know their Data Subject Rights (DSR), businesses need to understand their new responsibilities and take the necessary steps before the GDPR takes effect on 25 May 2018.
Under the GDPR, anyone who processes the personal data is required to make it easy for them to find out exactly what data is on record. And it must be easy for them to determine for themselves how it’s being used. They can even request that their data not be used, or even stored at all.
Are You Ready?
Are you prepared to respond to DSR requests?
The GDPR requires businesses to respond to and comply with these requests in a timely, transparent manner. And of course they are equally responsible to only grant access to the actual owner of the personal data.
What a terrible shame if your efforts to comply with the GDPR ended up causing a data breach! Serious violations of GDPR compliance can result in fines of up to €20 million or 4% of global annual turnover, whichever is more.
Making GDPR Compliance Easier
Updating your systems and processes for the GDPR is a large undertaking. To save you development time and cost, third-party solutions can make some areas of compliance much easier.
To securely identify data subjects requesting access to their personal data, Scrive offers a simple plug-and-play DSR registration module. In Sweden and Norway, instantly verify data subject identity using BankID, in Denmark with NemID. Find out about Scrive GDPR - DSR.