Sign-in Help

Data subject rights

View Risk & Compliance by content type:

News
Practice notes
Precedents
Q&As

Latest Risk & Compliance News

Ringing the changes with the CPS’s Economic Crime Strategy 2025

Ringing the changes with the CPS’s Economic Crime Strategy 2025

The following Corporate Crime news provides comprehensive and up to date legal information on Ringing the changes with the CPS’s Economic Crime Strategy 2025

Risk & Compliance weekly highlights—8 April 2021

Risk & Compliance weekly highlights—8 April 2021

The following Risk & Compliance news provides comprehensive and up to date legal information on Risk & Compliance weekly highlights—8 April 2021

LexisPSL and MLex trial new interactive EU GDPR enforcement tracker

LexisPSL and MLex trial new interactive EU GDPR enforcement tracker

The following Commercial news provides comprehensive and up to date legal information on LexisPSL and MLex trial new interactive EU GDPR enforcement tracker

DPAs may not be receiving sufficient judicial scrutiny

DPAs may not be receiving sufficient judicial scrutiny

The following Corporate Crime news provides comprehensive and up to date legal information on DPAs may not be receiving sufficient judicial scrutiny

Featured Risk & Compliance content

Money Laundering Regulations 2017—simplified due diligence

Money Laundering Regulations 2017—simplified due diligence

You may apply simplified customer due diligence (SDD) measures in relation to particular business relationships or transactions which you determine...

Facilitation payments under the Bribery Act 2010

Facilitation payments under the Bribery Act 2010

Facilitating the performance of a duty by public officialsFacilitation payments, also known as facilitating or grease payments, are generally small...

What is a solicitor's undertaking?

What is a solicitor's undertaking?

An undertaking is a commitment by a solicitor to do something. It can be enforced against the solicitor by the courts. Failure to comply with an...

Dawn raid—who can raid my organisation and why?

Dawn raid—who can raid my organisation and why?

The UK Government has legislated to permit a number of UK authorities to obtain search warrants to 'raid' a business premises. The potential for a...

Practice notes

Active bribery, passive bribery and bribing foreign public officials

The purpose of this Practice Note is to provide a general understanding of the offences under section 1, 2 and 6 of the Bribery Act 2010 (BA 2010). It...
Read More >
Produced in partnership with Joanne Kane of Carmelite Chambers 12th Jan
Practice notes

High-risk third countries tracker

This Practice Note lists high-risk third countries identified by the Financial Action Task Force (FATF), HM Treasury and the European Commission as...
Read More >
9th Nov
tag iconIn-house
Practice notes

Getting the Deal Through: Merger Control 2021

Jurisdictions coveredThe following jurisdictions are covered in this report:Albania; Australia; Austria; Belgium; Bosnia and Herzegovina; Brazil;...
Read More >
9th Nov
Precedents

Modern slavery: contract clauses

1DefinitionsModern Slavery Policy•means the Customer's anti-slavery and human trafficking policy as set out in Schedule [insert] as updated by the...
Read More >
9th Nov
tag iconIn-house
Practice notes

AML and counter-terrorist financing—source of funds

Source of funds and wealth was a key focus of the SRA’s Preventing Money Laundering and Financing of Terrorism thematic review, published in March...
Read More >
9th Nov
tag iconIn-house
Practice notes

Introduction to retained EU law

This Practice Note provides an introduction to retained EU law, which is an entirely new legal concept introduced to UK domestic law in preparation...
Read More >
9th Nov
tag iconBrexit
Precedents

Standard contractual clauses—set II—controller to controller (Model Clauses)

DRAFTING FOR BREXIT: For the latest information on the impact of Brexit on the drafting, negotiation and enforceability of this Precedent, see...
Read More >
9th Nov
Practice notes

Money Laundering Regulations 2017—nominated officer

This Practice Note sets out when organisations must appoint a nominated officer, the duties of the nominated officer and practical steps nominated...
Read More >
9th Nov
tag iconIn-house

Most recent Data subject rights content

Practice notes

Data subject rights—objection to processing

This document reflects the UK GDPR regime. References and links to the GDPR refer to the UK GDPR (Retained Regulation (EU) 2016/679) unless expressly...
Read More >
9th Apr
Practice notes

Data subject rights—rectification, erasure and restriction of processing

This document reflects the UK GDPR regime. References and links to the GDPR refer to the UK GDPR (Retained Regulation (EU) 2016/679) unless expressly...
Read More >
9th Apr
Practice notes

Data subject rights—key elements tables [Archived]

ARCHIVED: This document has been archived and is not maintained. This Practice Note contains a table providing brief details of the key elements of...
Read More >
9th Apr
Practice notes

Data subject rights—access

This document reflects the UK GDPR regime. References and links to the GDPR refer to the UK GDPR (Retained Regulation (EU) 2016/679) unless expressly...
Read More >
9th Apr
Practice notes

Data subject rights—data portability

This document reflects the UK GDPR regime. References and links to the GDPR refer to the UK GDPR (Retained Regulation (EU) 2016/679) unless expressly...
Read More >
9th Apr
Practice notes

Data subject rights—automated decision making, including profiling

This document reflects the UK GDPR regime. References and links to the GDPR refer to the UK GDPR (Retained Regulation (EU) 2016/679) unless expressly...
Read More >
9th Apr
Precedents

Data protection privacy notice (employment)

IP COMPLETION DAY: 11pm (GMT) on 31 December 2020 marks the end of the Brexit transition/implementation period entered into following the UK’s...
Read More >
29th Mar
Precedents

Policy—data subject access requests

IP COMPLETION DAY: 11pm (GMT) on 31 December 2020 marks the end of the Brexit transition/implementation period entered into following the UK’s...
Read More >
29th Mar
tag iconIn-house
Q&As

When making a data subject access request to a law firm, is a client entitled to copies of the firm’s own internal communications relating to allegations of negligence by the client against the firm? Is the answer the same for a client complaint rather than an actual or potential claim?

Personal data that is subject to a duty of client confidentiality or contained within communications that are considered to be legally privileged may...
Read More >
Produced in partnership with Peter Steel of Augury Consulting Limited 24th Mar
Q&As

Can a limited company make a subject access request? Can a director of a limited company ask for recordings of calls with us? If yes, what personal data must we provide?

This Q&A draws on the Information Commissioner’s Office’s (ICO’s) guidance on business-to-business marketing, which may or may not be relevant...
Read More >
Produced in partnership with Peter Steel of Bevan Brittan 24th Mar
Q&As

When complying with a data subject erasure request, do we have to delete information in our backups?

Article 17 of Retained Retained Regulation (EU) 2016/679, UK General Data Protection Regulation (UK GDPR) grants data subjects the right to have their...
Read More >
24th Mar
Q&As

How do I calculate the time limit for responding to a data subject request?

The General Data Protection Regulation, Regulation (EU) 2016/679 (GDPR) provides for enhanced rights for data subjects, including providing rights of...
Read More >
24th Mar
Q&As

Refusing a data subject request—what is ‘manifestly unfounded or excessive’?

The General Data Protection Regulation (GDPR) provides for enhanced rights for data subjects, including providing rights of access, rectification,...
Read More >
24th Mar
Q&As

When receiving a subject access request in relation to CCTV images, how do I deal with images of individuals other than the person to whom the request relates? What if the data subject to whom the request relates is a child?

Practice Note: Handling data subject requests explains that you do not have to comply with a data subject access request if doing so means disclosing...
Read More >
24th Mar
Q&As

What data/information can a data subject request from me under the right of access?

The General Data Protection Regulation provides for enhanced rights for data subjects including providing rights of rectification, erasure and...
Read More >
24th Mar
Q&As

Do I have to return original correspondence to a third party from a matter I am no longer instructed on where that person has requested access to it under the General Data Protection Regulation?

Correspondence sent by third parties to a firm in the course of a matter generally belongs to the client, and copies of that correspondence made by...
Read More >
24th Mar
Q&As

We are acting for a client in a dispute. We are pre-action. The opposing party (our client's ex-partner) has made a Data Subject Access Request of this firm. Can we resist on the basis that it is a fishing expedition? Does Legal Advice Privilege apply and to what extent?

Processing personal dataThe obligations that the General Data Protection Regulation, Regulation (EU) 2016/679 (the GDPR) places on data processors and...
Read More >
Produced in partnership with Peter Steel of Augury Consulting Limited 24th Mar
Q&As

How do we respond to customers who question or challenge us in relation to automated decision making?

Article 22(1) of the General Data Protection Regulation (UK GDPR), Retained Regulation (EU) 2016/679gives data subjects the right not to be subject to...
Read More >
24th Mar
Q&As

How long do I have to comply with a data subject request?

The General Data Protection Regulation (GDPR) provides for enhanced rights for data subjects including providing rights of access, rectification,...
Read More >
24th Mar
Q&As

What makes a data subject access request ‘complex’?

The General Data Protection Regulation (GDPR) provides for enhanced rights for data subjects in the EU including providing rights of access,...
Read More >
24th Mar

Popular documents

LEXISNEXIS

PRA Rulebook—introduction for the insurance and reinsurance sector

On 29 August 2015, the Prudential Regulation Authority (PRA) published the PRA Rulebook (Rulebook). The transition from the Handbook to the Rulebook was intended to benefit PRA-authorised firms, to access clearer and more concise rules. Alongside the Rulebook, supervisory statements and statements

LEXISNEXIS

Quantum meruit (value of services) and quantum valebat (value of goods)

When is quantum meruit and quantum valebat relevant?Claims in quantum meruit (value of services) and quantum valebat (value of goods) arise in diverse situations ranging from where contractual terms are silent on issues of payment to where there is no contract at all (Serck v Drake & Scull).General

LEXISNEXIS

Acting in concert

Produced with input from Rebecca Cousin of Slaughter and May on market practice.This Practice Note summarises the rules and guidance in relation to parties who are, or may be presumed to be, acting in concert for the purposes of The City Code on Takeovers and Mergers (the Code). In particular the

LEXISNEXIS

Automatism

Definition of automatismAn act is done in a state of automatism if it is done by the body without control by the mind, (eg it is a spasm or a reflex), or if it is done by a person who is not conscious of what they are doing. The act may be described as involuntary, but will not be regarded as such