aazar | 8 years ago | on: The Nightmare Letter: A Subject Access Request Under GDPR
aazar's comments
aazar | 8 years ago | on: The Nightmare Letter: A Subject Access Request Under GDPR
Yes, you can and you should. Every government should be able to respond. Nobody is bared on Data subject request
aazar | 8 years ago | on: The Nightmare Letter: A Subject Access Request Under GDPR
To create the data subject access request, you first need to understand your own internal process. For that, you need to comply with article 30 i.e. records of processing activities.
We help you create at that ecomply.io and then once you're done, we will help you create data subject access request as well.
page 1
First of all, you need to understand, do you have customers in Europe. If yes, is data your everyday thing? If yes, then you need to comply with Article 30 first. Article 30 asks, how many processes of you have, how many of them have personal data involved, and then tell you to answer purpose, legal basis, category of personal data and deletion request.
I took an interview from Mailjet how they did it: https://ecomply.io/how-to-become-gdpr-compliant-insights-fro...
Now, how to answer Subject Access Request, once you're done with article 30 i.e. records of processing activities, you'll know what, where and how you obtained that data with the purpose and legal basis. This request will be difficult to answer then:
Here are the 10 steps you need to do: https://ecomply.io/10-critical-steps-to-general-data-protect...
It's a piece of cake then.
Plus, you need to change your way of doing sales & marketing in Europe: https://ecomply.io/pimping-up-your-sales-in-a-post-gdpr-worl...