What rights do customers and staff have?
All data subjects have ‘rights’ under GDPR, to include staff and clients. The GDPR provides the following rights for individuals:
Data subject consent?
This is clearly defined by GDPR, what the data subjects wishes are in processing their data.
What is a freedom of information request?
Under the GDPR, individuals will have the right to obtain:
You must provide a copy of the information free of charge. However, you can charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive.
You may also charge a reasonable fee to comply with requests for further copies of the same information. This does not mean that you can charge for all subsequent access requests.
In order to provide the information you must verify the identity of the person making the request, using “reasonable means”. If the request is made electronically, you should provide the information in a commonly used electronic format.