Remedial Rights of Data Subject

Remedial rights are those rights provided under chapter 8 of the GDPR giving the effective remedies to the data subject by which a data subject can approach the authorities upon the breach of any rights or provisions of GDPR. 

Right to lodge a complaint with a supervisory authorities (Art.77) 

Article 77 states that apart from judicial or administrative remedies, every data subject must have a right to lodge a complaint with a supervisory authority, in particular in the member state of his/her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing personal data relating to him/her infringes GDPR.

The Supervisory authority with which the conpaliind has been lodged must inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy.

Right to an effective judicial remedy against a supervisory authority (Art.78)    

Article 78 states that other than administrative or non- judicial remedy, each natural or legal person must have the right to an effective judicial remedy, a legally binding decision of a supervisory authority concerning them. 

Furthermore, each data subject must have the right to an effective judicial remedy where the supervisory authority which is competent pursuant to article 55 and 56 does not handle a complaint or does not inform the data subject within 3 months on the progress or outcome of the complaint lodged. 

Proceedings against a supervisory authority must be brought before the courts of the Member State where the supervisory authority is established.

Where proceedings are brought against a decision of a supervisory authority which was preceded by an opinion or a decision of the Board in the consistency mechanism, the supervisory authority must forward the opinion or decision to the court. 

Right to an effective judicial remedy against a controller or processor (Art.79)

Article 79 states that without prejudice to any available administrative or non-judicial remedy, including the right to lodge a complaint with a supervisory authority, each data subject must have the right to an effective judicial remedy where he/she considers that his/her rights under this regulation have been infringed as a result of the processing of his/her personal data in non-compliance with GDPR.

Subsequently, proceedings against a controller or a processor must be brought before the courts of the Member States where the controller or processor has an establishment alternatively, such proceedings may be brought before the courts of the Member states where the data subject has his/her habitual residence, unless the controller or processor is a public authority  of a member state acting in the exercise of its public powers.

Picture Credit- https://dataprivacymanager.net