Handling the Data Subject Access Request

Under the GDPR rules, an individual can make a formal request, asking a company to search their IT systems and produce the information and documentation the company has stored on the individual. 

This type of request is commonly known as a Subject Access Request (SAR).



There are many reasons why a company will receive a SAR. Common SAR’s we help our clients handle:

 

  • From former disgruntle employees.
  • Individuals who work for competitor organisations.
  • Individual who was unsuccessful when applying for a promotion or external applicants applying for senior positions.
  • Individuals who work at a supply or a customer who has had their contracts/agreements changed. 

 



What rules does GDPR provide individuals when making a SAR:

 

  1. The right of access. Individuals can submit SAR, which requires the company to provide a copy of any personal data they hold about the individual.
  2. The right to erasure. Individuals can request that the company erase their data in certain circumstances, if the data is no longer essential if the data was unlawfully processed. If the individual withdraws consent.
  3. The right to erasure is also known as ‘the right to be forgotten’.

 



Typically, throughout Europe, a company has around 30 days to acknowledge a SAR and produce the information/documents.



Failing to respond to a SAR can be very costly, in the UK the Information Commissioner’s Office (see here ) can impose a higher maximum or a standard maximum fine. Under UK law a fine could be up to 20 million Euro or 4% of the total annual worldwide turnover.



Each European country sets its penalties for non-compliance and companies are not only becoming financially penalised, but a company’s public reputation can also be damaged.



Therefore, a company needs to have a robust process in place to handle a SAR. 


LTI’s team of consultants and technology offering provides a fast, auditable and inexpensive way to handle 1 or 100 SARs. 

Our services include:

 

  • Identify where and how documents are stored.
  • We gathered and collect the documents in a defensible way.
  • Using our secure and specialised document search and document review platform.
  • Apply filters to suit the SAR requirements.
  • Allow you to review and make blackouts/redactions on SAR responsive documents.
  • Provide the Individual/SAR to the documents in a controlled and secure online platform.
  • Provide a report on the documents the Individual/SAR would like erasure.
  • Delete the documents from your IT environment.
  • Provide an audit report of the full process.

 


If you have a project or a scenario you would like to discuss, please do not hesitate to contact us: info@legaltechinnovations.com

Labour Market Cartels: The New Antitrust Frontier in Europe

By Luke Smith April 17, 2025
Labour Market Cartels: The New Antitrust Frontier in Europe

The Hidden Risk of Cloud Email Storage: When Data Disappears Forever

By Luke Smith February 26, 2025
Many companies assume cloud email providers retain data indefinitely, but once an account is deleted, emails may be lost forever. Without a clear retention strategy, businesses risk losing critical information needed for eDiscovery, compliance, and investigations. Learn how to protect your email data before it’s too late.
Best practices for managing cross-border eDiscovery in international litigation by Legal Tech Innova

Best Practices for Managing Cross-Border eDiscovery in International Litigation

By Luke Smith January 19, 2025
Learn key strategies for managing cross-border eDiscovery in international litigation. Discover tips for legal compliance, data privacy, and seamless workflows
Explore key eDiscovery trends for 2025. Stay ahead with insights on AI advancements, data security,

The Future of eDiscovery: Trends to Watch in 2025

By Luke Smith January 5, 2025
Discover the future of eDiscovery with Legal Tech Innovations. From AI-driven document reviews to evolving data privacy challenges, explore the top trends shaping 2025. Learn how these developments impact lawyers and legal professionals handling investigations and litigation.
Learn how to secure evidence from an employee's phone while ensuring compliance with privacy laws an

Securing Evidence from an Employee’s Phone while Complying with Privacy Laws

By Luke Smith September 13, 2024
Navigating the challenges of securing evidence from an employee’s phone? Discover best practices for balancing legal compliance with privacy laws. Legal Tech Innovations provides insights for lawyers handling investigations and litigation.
Explore how Generative AI is revolutionizing eDiscovery in competition investigations, enhancing eff

The Role of GENAI in Transforming eDiscovery for Competition Investigations

April 24, 2024
Generative AI is transforming eDiscovery for competition investigations. Learn how advanced tools are enabling faster, smarter document reviews and uncovering critical insights. Discover how lawyers can leverage AI in their litigation and investigation processes.
Discover how Legal Tech Innovations' partnership with Reveal’s ASK is revolutionizing eDiscovery, em

Unlocking Legal Intelligence: Legal Tech Innovations (LTI) Introduces Reveals 'Ask,' Revolutionizing eDiscovery for Our Clients

By Luke Smith January 11, 2024
Unlock the power of legal intelligence with Legal Tech Innovations. Learn how our collaboration with Reveal’s ASK is transforming eDiscovery, providing lawyers with faster and more accurate insights for litigation and investigations.
Learn how to efficiently identify critical evidence during legal proceedings, ensuring compliance an

Identify evidence during legal proceedings.

By Luke Smith November 13, 2023
Identifying crucial evidence is key to successful legal proceedings. Explore best practices for uncovering key data, ensuring compliance, and enhancing your legal strategies during investigations. Legal Tech Innovations offers expert guidance for lawyers in litigation and legal matters.
Discover why testing search results is crucial in eDiscovery exercises to ensure accurate and reliab

Testing search results is crucial when conducting an eDiscovery (electronic discovery) exercise

By Luke Smith September 6, 2023
Effective eDiscovery relies on testing search results to verify accuracy and relevance. Learn why this step is essential for legal professionals and how it enhances the efficiency and reliability of electronic discovery exercises in litigation and investigations.
Explore how leveraging mobile phone data can uncover critical insights in investigating anti-competi

Leveraging Mobile Phone Data in Investigating Anti-Competitive Practices

August 10, 2023
Mobile phone data plays a crucial role in investigating anti-competitive practices. Learn how legal professionals can leverage this valuable source of evidence in competition law investigations and uncover hidden insights to strengthen their cases.
More Posts