Understanding GDPR – Part Three: Right to rectify personal data

In this multipart guide, we will be assessing your rights and obligations in the rapidly approaching GDPR, equipping you with the knowledge to stay secure once the new regulation comes into play.


What is the right to rectification?

Under the GDPR, all individuals have the right to rectify any personal data held by an organisation. This applies when the information is inaccurate or incomplete. If you have disclosed this personal data to any third parties, it is your responsibility to inform all parties holding this data or the rectification, and to inform the individual who the data concerns of the third parties to whom the data has been disclosed.


How long do I have to comply with a rectification request?

Unless special requirements are met, the rectification request must be fulfilled within one month. This can be extended if the request is especially complex, however this should be kept to a reasonable timeframe. As with most data requests under the GDPR, if the request is going to take longer than the allocated timeframe, or if you are not actioning a rectification request, you must inform the individual, as well as explaining the reason why.

In your response, you must also inform the individual of their right to complain to the supervisory authority and to a judicial remedy. Read the relevant articles in the GPDR here.


What does this mean for my business?

This means that any individual needs to have access to their personal data at any time, as well as having the option to update incorrect or incomplete records. Whether this is a result of a contact having changed names, address or contact details, or whether the record is incomplete to begin with, it is important that you include an option to get in touch to correct these details in any messages where this data is utilised, or referenced.

This could be included as a disclaimer within the content itself, or as a note regarding queries or inaccuracies, however this is displayed, it is important that it is clear and concise, and offers a direct method of communication with the relevant contact within your organisation, or guiding the contact to a comprehensible platform where they can update the relevant data.


To find out more about GDPR compliance within your business and best practise for data processing, give MarketDeveloper a call today on +44 1784 432 082.

Share this post

Leave a comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
5 + 3 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.

About MarketDeveloper

MarketDeveloper is a CRM and Marketing Automation supplier based in Egham. The company was formed from the merging of two marketing solutions in 2009 and has been committed to creating and updating a highly powerful, flexible and intuitive Single Customer View solution. A selection of MarketDeveloper clients include The Mail, VisitWales, ScotRail and Cosmos. In December 2018, MarketDeveloper was acquired by BlueVenn.