Compliance & Audit

Data Subjects' Rights

The management of data subject rights is a very delicate element in the relationship between a company and its users. If it is not managed properly it can lead to important consequences, in terms of reputational damage even before legal damage.

data-subjects-rights-image.png

Overview

The management of data subject rights is a very delicate element in the relationship between a company and its users. If it is not managed properly it can lead to important consequences, in terms of reputational damage even before legal damage.

Needs

The privacy regulations establish a series of Data Subject Rights, for example: the right to erasure or to be forgotten, the right to portability, the right to correction, the right to be informed. Some regulations provide for 4 rights, others 5, or 6 or 7 Regardless of the number and type of rights, when a company receives a request from the interested party, it will have to handle it quickly, using a reliable and traceable process.

Responsibilities

Each request must be assigned to a person or a function that will have to take care of it.

Tracking

Every request must be traced, from the moment it is received to the moment it is completed.

Mapping

To properly and efficiently process a request, it is necessary to know exactly where the personal data is located.

How to

Blindata helps companies to effectively manage the requests of the interested party, providing tools for tracking requests and simplifying their execution.

The issue management module allows to record the requests of the Data Subject, connect them with the mapped metadata and assign it to a Blindata user, specifying a due date. The issues can be organized into campaigns, which group homogeneous issues by type, for example on the basis of the right to which the request refers. Through the notification function, the person in charge of the request receives a communication, then the progress can be monitored by the tracking console.

The management of the rights of the interested party can only be done on condition that it is known exactly which personal data are processed and where they are stored. The Blindata data Classification module allows you to scan data repositories by applying custom rules and thus assign a meaning to the different columns of the different tables.

Blindata processing registry module provides the tools for mapping the processing of personal data and their characteristics, such as the categories of data involved and the related retention periods, the Data Subject categories, the security measures. etc. The generation of RoPA can be done using custom templates, versioned and archived. All information can be navigated using the Blindata Privacy Graph.