Right of Correction under the GDPR – How to respond
Data subjects have the right to request for their personal data to be corrected. Often your software packages will allow for the user to update his account through the web interface, which is the easiest way to handle things. For the affected services without a self-service option, please consider the below.
GDPR and right to correct inaccurate personal data – Important Considerations
- Before you do anything, you need to verify the identify of the requestor
- You should respond to the request within one month. We advise to acknowledge the correction request asap. Where requests are complex or numerous, you are permitted to extend the deadline to three months while explaining why the extension is necessary.
- Make sure not to overlook any systems. Personal data is often kept in both electronic and paper based correspondence. GDPRWise users you can consult the system section in your Dossier to make sure you do not overlook anything.
- Before correcting data, you might want to check you have a copy / backup of the current state.
Compliance with Right of Correction – Templates
Use the below templates to acknowledge and respond to the request.