The majority of business are failing to comply with GDPR

According to a survey conducted by California based company Talend, 70% of companies surveyed couldn’t fulfill data access and portability requests within the GDPR-specified one-month time limit.

The research was based on personal data requests made to 103 companies based or operating in Europe across industries including retail, media, technology, public sector, finance, and travel. Conducted between June 1 and September 3, 2018, Talend assessed responses to GDPR Article 15 (“Right of access by the data subject”) and Article 20 (“Right to data portability”) requests, monitoring areas including GDPR references in privacy policies, and the speed and completeness of responses.

How to answer a GDPR data subject request in 6 steps

So you have just received an e-mail with the title “Delete all my data!”, or “Send me everything you know about me!”. After the initial shock, you will have to soon realise, that what you are now faced with is most probably a data subject request under the framework of the new General Data Protection Regulation.

The EU’s new Regulation, which has an enormous scope of applicability and tons of new obligations for data controllers, gives the data subjects extraordinary new rights, that allow them to exercise new rights that are quite timely in today’s digital age. So let’s see what you should do when you receive such an e-mail!