The main objective of the General Data Protection Regulation (GDPR) is to protect data subjects' privacy. A data subject is a natural person whose personal data is collected and processed by the data controller. A data controller is a business or an organisation that collects the data.
The GDPR describes the rights that every data subject has in relation to data processing. The main rights include: 1) right of access, 2) right to data portability, 3) right to object, and 4) right to be forgotten.
RIGHT OF ACCESS
You have the right to learn how your data is used and collected.
In accordance with the GDPR, you have the right to ask us:
- If we are processing your personal data;
- What we do with your data;
- Which categories of data do we have about you;
- Which recipients or categories of recipients we can transfer your personal data to;
- Retention periods of your data;
- To confirm the existence of your rights (see below);
- About the source of your data (if you have not shared your data yourself);
- To confirm the existence of an automatic profile about you;
- If the information has been transmitted outside the European Economic Area, and which safeguard measures have been taken pursuant to the GDPR.
RIGHT TO DATA PORTABILITY
You also have the right to the portability of personal data that concerns you and that you have communicated directly to us.
RIGHT TO OBJECT
In the case of a dispute regarding the processing of your data, you may request the limitation of the processing of your data. In this case, we will not use your data until the dispute has been resolved.
RIGHT TO BE FORGOTTEN
You also have the right to request that your data are completely removed from our systems in the cases listed by law (illegal treatment, treatment useless for the purposes pursued if you have consented to the treatment, and you withdraw this consent - among others). You also have this right when you exercise your right to object to using your data for direct marketing purposes.
Learn more about data processing in our Repository.