Login

An Overview of DSARs

overview of dsars
overview of dsars

Privacy laws were designed to balance companies’ needs for marketing information with the customers’ rights to privacy. Exercising this right can take a variety of forms. Today, we’ll be focusing on a particular right encoded in most major privacy laws: the right to submit DSARs.

What are DSARs?

A DSAR, or data subject access request, refers to a customer’s right to be informed about a company’s use of their personal information. The GDPR and CCPA both include guidelines for handling DSARs properly. 

DSARs were included in privacy regulations for multiple reasons. First of all, they allow customers to see how companies use their data and if they approve. Second, it allows the customers to make informed decisions on how to handle their personal data now and in the future. And finally, it forces companies to be transparent with their handling of personal information.

In a DSAR, customers can ask for:

  • Everything legally considered their personal data
  • How you acquired their data
  • How long you’ll keep their data
  • How you use their data
  • Anyone you share their data with

There are four types of DSARs:

  • Right to access: a request to view the data a company has collected on them
  • Right to update: a request to correct mistakes and/or outdated information in a company’s data
  • Right to portability: a request for a copy of their personal data
  • Right to be forgotten: a request for their personal data to be entirely purged from the system

Customers may submit a DSAR at any time, and for any of these four reasons. Companies must respond to the vast majority of these requests and do so in a timely manner.

While companies can refuse DSARs, this is only permitted rarely and for very specific reasons:

  • The request is unreasonable and/or excessive
  • The customer has no legitimate use for the requested data

A company that refuses a DSAR must be prepared to defend its decision in court. Any recorded reason of refusal must be sound, legally defensible, and demonstrably true.

The Right to Data Access

Privacy laws are concerned with customer rights above all else. While your company obviously prefers to focus on marketing, honoring your customers’ rights is critical. Responding promptly and efficiently to DSARs is just one step in the process.

Is your current DSAR system lackluster, or worse, nonexistent? Get in touch with us today and see how 4Comply can fix that.

This is an excerpt from our newest white paper, “DSARs: Costs & Solutions”. Download and read the full white paper here.

Related posts

4comply's unchangeable record the legal vault
August 26, 2021

4Comply’s Unchangeable Record: The Legal Vault

Read more
4comply citizen rights fulfillment dsar
August 12, 2021

The 4Comply Method of Citizen Rights Fulfillment

Read more
privacy software, 4comply for consent rights fulfillment
August 5, 2021

Why 4Comply for Consent & Rights Fulfillment

Read more

Contact Us

We deliver privacy solutions.

4Comply helps your organization build trust through compliance. Connect with our experts and learn how our privacy compliance software and service can help.