In continuation to our last article we will discuss the remaining rights in today’s article. so we will begin with the followings-
2) Right of access by the data subject (s. 45)
This right enables the data subject to obtain from the controller, a confirmation if the personal data of his/her is processed or not or information related to –
- purposes of and legal basis for the processing
- the categories of personal data concerned
- the recipients of categories of recipients to whom the personal data has been disclosed
- the retention period of personal data
- the existence of data subject’s right to request from the controller (rectification and erasure of personal data or the restriction of its processing)
- the existence of data subjects’ rights to to lodge a complaint with the Commissioner and the contact details of the Commissioner
- communication of the personal data undergoing processing and available information of its origin.
When the request as mentioned above requested by the data subject then the controller must provide the information in writing without delay and before the expiry of the applicable time period. however, when the rights are restricted, the controller must inform the data subject in writing without delay about such restrictions and record the reasons for such decision to restrict
3) Right to the rectification of personal data
When the information about the data subject is inaccurate or incomplete then the Data subject can request to get it rectified or completed from the controller.
4) Right to erasure of personal data
The Data Controller must delete the personal data of the data subject without any delay when it is requested by the data subject. However, when the personal data is to be maintained for the purposes of evidence, the controller must instead of rectifying the personal data restrict its processing.
5) Restriction on the processing of personal data:
The data subject may request the controller to put a restriction on the processing of personal data and upon receiving the Controller has to act accordingly. This often happens when the personal data is needed for the purposes of evidence hence, instead of rectifying the personal data, the Controller restricts its processing.
Picture Credit-https://www.termsfeed.com/