Skip to content

Rights & Requests

From access requests to the right to erasure: everything about data subject rights and how to respond correctly.

search
push_pin
person_raised_hand

How to Set Up a Data Subject Request Process arrow_forward

A step-by-step guide to building a reliable process for handling GDPR data subject requests. From designating a contact point to documenting every step, this article covers everything an SME needs to handle requests correctly and on time.

11 April 2026 6 min read
push_pin
person_raised_hand

GDPR Data Subject Rights: The Complete Guide for Business Owners arrow_forward

The GDPR gives individuals 8 rights over their personal data. As a business owner, you must handle these requests correctly, within one month, free of charge, and well documented. This guide explains each right and what you need to do.

6 April 2026 8 min read
person_raised_hand

Data Subject Request Mistakes That Cost SMEs Fines arrow_forward

Six common mistakes SMEs make when handling data subject requests, with real enforcement examples and practical advice on how to avoid them. From ignoring requests to panic-deleting data.

11 April 2026 6 min read
person_raised_hand

Automated Decision-Making and Profiling: What Are the Rules? arrow_forward

Article 22 GDPR gives individuals the right not to be subject to decisions based solely on automated processing. This article explains when the rules apply, the exceptions, and what your business needs to do in practice.

11 April 2026 6 min read
person_raised_hand

Right to Object: When Customers Say Stop arrow_forward

A customer objects to how you process their data. Depending on the type of objection, you may have to stop immediately or you may be able to refuse. This article explains the two types of objection, when each applies, and what to do step by step.

11 April 2026 5 min read
person_raised_hand

Right to Data Portability: What You Need to Provide arrow_forward

A customer wants their data in a format they can take to another provider. This is a data portability request. This article explains what data to include, what format to use, and how to handle it step by step.

11 April 2026 5 min read
person_raised_hand

Right to Restriction of Processing: When and How arrow_forward

A customer says 'stop using my data while we sort this out.' This article explains step by step how to handle a restriction request under the GDPR, including the four legal grounds and practical implementation.

11 April 2026 5 min read
person_raised_hand

Right to Rectification: Correcting Personal Data arrow_forward

A customer or employee says their data is wrong and wants it fixed. This article explains step by step how to handle a rectification request under the GDPR, from verifying the correction to informing recipients.

11 April 2026 4 min read
person_raised_hand

Access Request Received - What Now? Step by Step arrow_forward

A customer or employee wants to know what personal data you hold about them. That is an access request. This article explains step by step how to respond correctly, from identity verification to providing the data.

7 April 2026 5 min read
person_raised_hand

Refusing a Data Subject Request - When Is It Allowed? arrow_forward

Not every data subject request needs to be granted. But you may only refuse if you have a valid reason. This article explains when refusal is allowed and how to communicate it correctly.

7 April 2026 4 min read
person_raised_hand

Right to Erasure: When Must You Delete Data? arrow_forward

A customer asks you to erase their data. Do you always have to comply? The right to erasure has limits. This article explains when you must delete and when you may refuse.

7 April 2026 5 min read