The following Risk & Compliance Q&A provides comprehensive and up to date legal information covering:
The General Data Protection Regulation, Regulation (EU) 2016/679 (GDPR) provides for enhanced rights for data subjects, including providing rights of access, rectification, erasure and restriction of processing, data portability and a right to object to processing, with strict time limits for complying.
Under the GDPR, you must respond to a data subject request without undue delay and in any event within one month of receipt of the request.
That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. You must inform the data subject of any such extension within one month of receipt of the request, together with the reasons for the delay. See Q&As: What makes a data subject access request ‘complex’?, How long do I have to comply with an access request? and How do I calculate the time limit for responding to a data subject request?
One of the first steps on receiving a data subject request should be to confirm the requester’s identity (and so avoid a data breach). There are limits to when and how you should request identity information, but if you have doubts about the identity of the person making the request, you can, within reason, ask for more information.
For more information, see Practice Note: Handling data subject requests—Identifying the person making the request and Preceden
**Trials are provided to all LexisPSL and LexisLibrary content, excluding Practice Compliance, Practice Management and Risk and Compliance, subscription packages are tailored to your specific needs. To discuss trialling these LexisPSL services please email customer service via our online form. Free trials are only available to individuals based in the UK. We may terminate this trial at any time or decide not to give a trial, for any reason. Trial includes one question to LexisAsk during the length of the trial.
To view the latest version of this document and thousands of others like it, sign-in to LexisPSL or register for a free trial.
Existing user? Sign-in
Take a free trial
What is rescission of a contract?The remedy of rescission is available to a party whose consent, in entering into a contract, has been invalidated in some way:•the effect of rescinding a contract is to extinguish it and restore the parties to their pre-contractual positions•the main grounds of
Tipping off and prejudicing an investigationIt would undermine the benefit to the authorities if, a suspicious activity report (SAR) having been made, the alleged offender were to be made aware of the interest in their activities so that they could take steps to cover up their misdeeds or disappear.
LiabilityFalse imprisonment consists of the complete deprivation of liberty without a lawful basis. Claims will in practice be made against a public body that exercises detention powers, usually a local police force, the Secretary of State for the Home Department or the Secretary of State for
What is QOCS?Qualified one-way costs shifting (QOCS) was introduced on 1 April 2013 as part of the Jackson costs reforms following the removal of a claimant’s right to recover additional liabilities from the defendant, ie success fees and after the event (ATE) insurance premiums. The relevant CPR
0330 161 1234
To view our latest legal guidance content,sign-in to Lexis®PSL or register for a free trial.