Data Protection and GDPR Level 3 for Managers and Business (VTQ)

64 videos, 2 hours and 55 minutes

Course Content

Subject Access Requests - Part 1

Video 60 of 64
3 min 35 sec
Want to watch this video? Sign up for the course or enter your email below to watch one free video.

Unlock This Video Now for FREE

This video is normally available to paying customers.
You may unlock this video for FREE. Enter your email address for instant access AND to receive ongoing updates and special discounts related to this topic.

Changes to Handling Subject Access Requests (SARs) under GDPR

New Timeframe for Response

Extended Deadline: You now have one calendar month to respond to a Subject Access Request (SAR).

Considerations: Response deadline adjusts for varying days in different months.

Practical Approach: Many companies opt for a simplified 28-day response policy for compliance certainty.

Recognition of Requests

Diverse Channels: SARs can be received via various channels including telephone, email, mail, online, social media, or face to face.

Staff Training: All customer-facing staff need to be trained to identify SARs.

Accessible Forms: Offer SAR submission forms on the website, but individuals can request through any means.

Fee Policy Changes

No Charging by Default: Charging a fee for SARs is prohibited unless deemed "manifestly unfounded or excessive."

Justification: Businesses must justify fees, especially for high-volume or repeated requests.

Compliance: In most cases, businesses must provide information without charging a fee.