Efficiently and effectively manage Data Subject Access Requests and consolidate all consumer requests into one centralised portal.

Meet the requirements of regulations like The GDPR and CCPA with a centralised solution for managing Data Subject Access Requests. Easily manage and process requests from multiple regions and deliver personal information effectively to your data subjects.

The GDPR & CCPA grants individuals the right to access their personal information from organisations so they can understand what data is held and how it’s used, for lawful processing. (Article 15 The GDPR ‘Data controllers to confirm to Data Subjects whether they are processing their personal data.’) A request to access personal information is known commonly as a DSAR. (Data Subject Access Request.)

An individual can make a Data Subject Access Request to you verbally or in writing. It can also be made to any part of your organisation (including by social media) and does not have to be to a specific person or contact point. An individual is only entitled to their own personal data, and not to information relating to other people.

Data Subject Access Requests aren’t a new requirement for organisations, however, regulations like The GDPR have introduced some changes that make responding to them more challenging.

For example, operating under The GDPR and CCPA, there is no longer a charge fee for processing a request of personal information. Organisations are entitled to charge a reasonable administrative fee for additional copies requested by the data subject, or if requests are excessive. There is also now have a shorter period of time to respond to requests for personal information, for example; The GDPR (30 days) and CCPA (45 days).

There will always be a requirement for your organisation to respond effectively to a DSARs, unless regulation changes, however, providing data subjects with direct access to their personal information through a secure platform, will remove the volume of requests your organisation receives. Enhance your DSARs process by introducing Cassie’s Data Subject Portal which will enable your Data Subjects to change, update and manage their personal information, as well as have control and choice over their communication preferences.

Data subjects’ are becoming more aware of how their data is being used and ultimately how valuable it is. As data subjects’ become more aware, there is likely to be an increase in DSARs which could impact business operations as well as cause an unnecessary drain on resources. Organisations that are ethical, responsible and accountable for their data subjects’ personal information will be more likely to differentiate their brand from the competition. Providing data subjects’ with direct access to their personal data through a portal should reduce the volume of requests for access.