Individuals may contact your company/organisation to exercise their rights under the GDPR (rights of access, rectification, erasure, portability, etc.). Where personal data is processed by electronic means, your company/organisation should provide means for requests to be made electronically. your company/organisation must reply to their request without undue delay, and in principle within 1 month of the receipt of the request.
It can ask them for additional information in order to confirm the identity of the person making the request.
If your company/organisation rejects the request then it has to inform the person of the reasons for doing so and of their right to file a complaint with the Data Protection Authority and to seek a judicial remedy.
Dealing with requests of individuals should be carried out free of charge. Where requests are manifestly unfounded or excessive, in particular because of their repetitive character, you may charge a reasonable fee or refuse to act.
DELTA Datenschutz & Compliance is a specialized consulting company for privacy, data protection, IT security and compliance management.
We advise our clients on the implementation of national, European and international data protection regulations in the company and the implementation of IT security and compliance management systems. We maintain close contact with our customers and offer you a service adapted to your company. Clients of DELTA Datenschutz & Compliance are well-known companies within the start-up scene and medium-sized companies, from real estate to traditional industrial companies, from medical centers to institutions.
DELTA Datenschutz & Compliance is your external Data Protefction Officer.