In this multipart guide, we will be assessing your rights and obligations in the rapidly approaching GDPR, equipping you with the knowledge to stay secure once the new regulation comes into play.
What is the right to rectification?
Under the GDPR, all individuals have the right to rectify any personal data held by an organisation. This applies when the information is inaccurate or incomplete. If you have disclosed this personal data to any third parties, it is your responsibility to inform all parties holding this data or the rectification, and to inform the individual who the data concerns of the third parties to whom the data has been disclosed.
How long do I have to comply with a rectification request?
Unless special requirements are met, the rectification request must be fulfilled within one month. This can be extended if the request is especially complex, however this should be kept to a reasonable timeframe. As with most data requests under the GDPR, if the request is going to take longer than the allocated timeframe, or if you are not actioning a rectification request, you must inform the individual, as well as explaining the reason why.
In your response, you must also inform the individual of their right to complain to the supervisory authority and to a judicial remedy. Read the relevant articles in the GPDR here.
What does this mean for my business?
This means that any individual needs to have access to their personal data at any time, as well as having the option to update incorrect or incomplete records. Whether this is a result of a contact having changed names, address or contact details, or whether the record is incomplete to begin with, it is important that you include an option to get in touch to correct these details in any messages where this data is utilised, or referenced.
This could be included as a disclaimer within the content itself, or as a note regarding queries or inaccuracies, however this is displayed, it is important that it is clear and concise, and offers a direct method of communication with the relevant contact within your organisation, or guiding the contact to a comprehensible platform where they can update the relevant data.
To find out more about GDPR compliance within your business and best practise for data processing, give MarketDeveloper a call today on +44 1784 432 082.