Data subject rights

Data subject rights are a central part of the UK GDPR. Our experts explain how to comply with these data protection rights in practice.

Contracts as legal basis for data processing

If you want to process personal data in the context of a contract or for the purpose of initiating a contract, you must observe some important regulations.

The right of access

Everything you need to know about the right of access and what UK companies must do in response to requests from data subjects.

How to obtain and manage consent

The basis of consent under the UK GDPR, its rules, penalties for non-compliance, and effective strategies for managing it. Including practical examples.

The right to restrict processing

The right to restrict processing gives data subjects a supplementary possibility to exercise control and governance over their personal data. Controllers have to ensure the restriction in many ways.

The right of rectification in practice

If a data controller processes incorrect or incomplete data, the data subject has a right to rectification. We explain what you need to bear in mind.

The right to data portability in practice

The right to data portability is intended to ensure that every data subject can demand the return of their personal data. However, the surrender of the data is subject to some conditions and restrictions.

How to comply with the Children’s Code

If you provide information society services likely to be accessed by children in the UK, the Children’s Code applies. But what regulations need to be adhered to? When do they apply? What do companies have to do to achieve compliance?