External DPO Cost
External DPO Cost

What rights do users have under the GDPR when visiting your website?

Introduction to the rights of data subjects:

The GDPR significantly strengthens the rights of data subjects to ensure that they have more control over their personal data. Here are the most important rights of users explained in detail:

Right to information (Article 15 GDPR):

  • Right of access: Users have the right to obtain confirmation from the Controller as to whether or not personal data concerning them are being processed. Where so, they have the right to access those data and certain information, including:
    • The processing purposes
    • The categories of personal data
    • The recipients or categories of recipients
    • The planned storage period
    • The existence of a right to rectification, erasure or restriction of processing
    • The existence of a right of complaint to a supervisory authority

Right to rectification (Article 16 GDPR):

  • Rectification of inaccurate data: Users have the right to request the immediate rectification of inaccurate personal data concerning them. In addition, they have the right to request the completion of incomplete data.

Right to erasure (right to be forgotten) (Article 17 GDPR):

  • Deletion of data: Users have the right to request the deletion of their personal data if one of the following reasons applies:
    • The data is no longer necessary for the purposes for which it was collected or processed.
    • The data subject withdraws his or her consent and there is no other legal basis for the processing.
    • The data subject objects to the processing and there are no overriding legitimate grounds for the processing.
    • The data was processed unlawfully.
    • The deletion is necessary to fulfill a legal obligation.

Right to restriction of processing (Article 18 GDPR):

  • Restriction of processing: Users have the right to request the restriction of the processing of their personal data if one of the following conditions is met:
    • The accuracy of the data is disputed.
    • The processing is unlawful and the data subject opposes the erasure of the data.
    • The controller no longer needs the data, but the data subject needs it to assert, exercise or defend legal claims.
    • The data subject has objected to processing pending the verification whether the legitimate grounds of the controller override the processing.

Right to data portability (Article 20 GDPR):

  • Data portability: Users have the right to receive the personal data concerning them, which they have provided to a controller, in a structured, common and machine-readable format and to transmit these data to another controller.

Right to object (Article 21 GDPR):

  • Objection to processing: Users have the right to object to the processing of their personal data at any time. The controller may then no longer process the data unless he can prove compelling legitimate grounds for the processing.

Automated decisions (Article 22 GDPR):

  • Right to non-subjection: Users have the right not to be subjected to a decision based solely on automated processing that produces legal effects or significantly affects them.

Right to complain (Article 77 GDPR):

  • Right to complain: Users have the right to lodge a complaint with a supervisory authority if they believe that the processing of their personal data violates the GDPR.

Relevant articles of the GDPR:

  • Article 15: Right of access of the data subject
  • Article 16: Right to rectification
  • Article 17: Right to erasure
  • Article 18: Right to restriction of processing
  • Article 20: Right to data portability
  • Article 21: Right to object
  • Article 22: Automated individual decisions, including profiling
  • Article 77: Right to lodge a complaint with a supervisory authority

Summary:

The GDPR grants users a number of rights to ensure they retain control over their personal data. Websites must ensure that they respect these rights and implement appropriate measures to enable users to exercise their rights. These include clear and transparent information, simple mechanisms for exercising the rights and a commitment to respond to user requests in a timely manner. Compliance with these requirements builds user trust and ensures that the processing of personal data complies with the provisions of the GDPR.

Globeria Consulting GmbH zeichnet sich als einer der führenden DSGVO-Dienstleister in Deutschland aus und bietet umfassende Lösungen durch zertifizierte Datenschutzbeauftragte (DSB). Unsere Dienstleistungen decken das gesamte Spektrum der DSGVO-Compliance ab und stellen sicher, dass Ihr Unternehmen alle rechtlichen Anforderungen effizient erfüllt. Vertrauen Sie auf unsere Expertise für ein beispielloses Datenschutz- und Privacy-Management.

Wir bedienen Berlin, Frankfurt, München, Magdeburg, Sachsen-Anhalt, Hamburg und ganz Deutschland.
+4939155721388
info@globeriadatenschutz.de
Arbeitszeiten: Montag-Freitag, 09:00-17:00
© 2024 Globeria Consulting GmbH. Alle Rechte vorbehalten.