Understanding GDPR – Part Five: The right to suppress personal data processing

In this multipart guide, we will be assessing your rights and obligations in the rapidly approaching GDPR, equipping you with the knowledge to stay secure once the new regulation comes into play.


What is the right to suppress personal data processing?

One of the points which the GDPR highlights in regards to personal data processing is the “right to restrict processing”, but what does this really mean? In short, this entitles any individual whose data you hold to have the right to suppress processing of this personal data. This means that you cannot further process this data at all, but you are still permitted to store the data, and retain enough information as is needed to ensure that this restriction on processing is maintained in future.


The technical details

As a business, you are required to restrict the processing of personal data when an individual contests the accuracy of the data held, at which point you should restrict any processing until the accuracy of the data has been confirmed. Under similar protocol, if the processing is unlawful, and the individual requests restriction in place of erasure, this should be respected immediately. This also applies when the personal data is no longer needed, but the data is required by the individual to establish, exercise, or defend a legal claim.

If an individual has objected to the processing on the grounds that it was necessary to do so for the performance of a public interest task or with legitimate interest, but you believe your organisation has legitimate grounds to processing which override those of the individual in question, the right to restrict processing applies.


What does this mean for my business?

This means that any business that holds and processes personal data, regardless of source, needs to have a process in place in time for the May deadline which allows contacts to register a request to restrict processing. This should be fulfilled as soon as possible, from which point the data must no longer be processed.

Your business should then retain the record of this request, as well as retaining any data which is needed to ensure there is no further processing on these records in future.


To find out more about GDPR compliance within your business and best practise for data processing, give MarketDeveloper a call today on +44 1784 432 082.

Share this post

Leave a comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
3 + 1 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.

About MarketDeveloper

MarketDeveloper is a CRM and Marketing Automation supplier based in Egham. The company was formed from the merging of two marketing solutions in 2009 and has been committed to creating and updating a highly powerful, flexible and intuitive Single Customer View solution. A selection of MarketDeveloper clients include The Mail, VisitWales, ScotRail and Cosmos. In December 2018, MarketDeveloper was acquired by BlueVenn.