Data subject rights

The GDPR grants individuals a set of rights to safeguard their personal data and ensure transparent data processing. These include the rights to be informed, to access data, to ask for rectification, to request erasure of data (‘right to be forgotten’), to restrict processing, to object to certain uses, to seek portability of data, and not to be subject to a decision based solely on automated processing.
Organisations are obliged to promptly respond to such requests and facilitate the exercise of individual rights, establishing clear procedures.