Next |
Step 1: Upon receiving the request and confirming the individual's identity, provide them with confirmation that their personal data is being processed.
Step 2: Furnish the individual with copies of their own personal data. They are only entitled to their data, not others', unless they provide appropriate proof.
Step 3: Include supplementary information such as the purpose of processing, categories of personal data, data retention duration, and other details from your privacy policy.
Step 4: Ensure the information provided is clear, concise, and in the requested format. Remote electronic access, preferred by the ICO, is deemed most suitable.
