Overview of a Data Access Request Response Letter

What is a Data Access Request Response Letter?

The General Data Protection Regulation (“GDPR”) is a new Privacy law in the European Union (“EU”), which came into force on 25 May 2018. The GDPR regulates the protection of personal data, which includes any information that can be used to identify a person, such as a name, identification number, location data, or online identifier, and a wide range of other types of information.

The GDPR applies to all business in the EU, including the UK. However, if you are a business outside the EU that collects personal data from individuals in the EU, and you make decisions about how and why the personal data is used, you will be considered a “controller” under the GDPR, and be subject to its rules regarding the data of those individuals. If you process personal data of individuals in the EU on behalf of a controller, you will be considered a “processor”, and will also need to comply with the GDPR.

When should you use a Data Access Request Response Letter?

A Data Access Request Response Letter allows personnel responsible for data privacy to respond to a subject access request made under the GDPR.

Important Note: The GDPR is a complex principle-based law subject to further interpretation by the supervisory authorities of each EU country. If you are not sure whether your data handling practices are compliant with the GDPR, please seek professional legal advice.

Ready to get started?


Create a free account now and explore all of the Zegal features.

Get Started

No credit card required