Subject Access Requests under the GDPR
The GDPR allows individuals to access information from organisations that process their personal data by means of a subject access request. As the GDPR applies to all personal data that an organisation processes, employers should accept subject access requests not just from employees, but also from workers, contractors, apprentices and volunteers.
Since May 25th 2018, when the GDPR came into force, the company must advise the employee on the personal data that it collects about the employee and what the company does with that information, including how the information is used, stored, transferred, secured and the employee’s rights in relation to the data stored.
Under the GDPR, the time limit for responding to a subject access request is one month from the date of receipt. If a request is complex, the time period for response can be extended by a further two months.
This subfolder of documents includes a Subject Access Request Form – GDPR Compliant and a variety of letters that can be used by the employer to respond to different Subject Access Request scenarios.
These GDPR Subject Access Request Documents are part of the Emplolyment Documents Folder. Just £35.00 + VAT will provide you with 1 year's unlimited access to download all/any documents from the Employment Folder.