What is a data subject?
While the definition of the term ‘data subject’ varies slightly from country to country, they all share the same basic thought: a data subject is any individual whose personal information is collected, processed, and used for some legitimate purpose.
If you wish to learn more about this topic, check out the FAQ section below:
Question #1: What does ‘personal data’ mean in regard to a data subject?
In regard to a data subject, the term ‘personal data’ refers to any piece of information that can be used—either on its own or in conjunction with other pieces of information—to uniquely identify an individual, including but not limited to:
- Personal details
- Race or ethnicity
- Employment or educational information
- Sexual orientation
- Political and religious beliefs
- Demographic information
Question #2: What are the rights of this subject?
While the rights of a data subject vary slightly from country to country, they all revolve around the same eight core principles, as outlined below:
- It has the right to be informed
- It has the right to access
- It has the right to object
- It has the right to have their data erased or blocked
- It has the right to have their data corrected
- It has the right to obtain and move, electronically, their data
- It has the right to file a complaint regarding the misuse of their data
- It has the right to damages for having their data misused and/or compromised
Let us take a closer look at each one:
First, it has the right to know when their personal data is about to be, is being, or has been collected, processed, and used for whatever purpose. In addition, the data subject also has the right to be informed of any breaches or similar situations that could or have put their data at risk.
Second,it may demand, at any time, a complete, easy-to-understand breakdown of the personal data collected, how it is being used, and for what purpose. In addition, the data subject may also ask how long their data will be kept and used.
Third, it may not only refuse to have their data collected, processed, and used, but also withdraw their consent at any time.
Fourth, it may demand, at any time, to have their data be completely removed from a database and prevent its future use.
Fifth, the it may demand, at any time, to have any inaccuracies or errors in their data immediately corrected. The party doing the data collection, processing, and utilisation must then inform any and all external parties who also have access to the corrected information that changes have been made.
Sixth, it may demand, at any time, to obtain a copy of their data and electronically move it to another location.
Seventh, in the event of data misuse or any other abuses connected to the collection, processing, and use of a data subject’s personal data, the data subject has the right to file a formal complaint against the erring party.
Finally, it has the right to receive just compensation in the event of personal data leakage, misuse, abuse, and any other compromising situations, such as the processing of outdated, inaccurate, incomplete, or illegally obtained data.
Question #3: What does ‘data processing’ mean in regard to a data subject?
The term data processing refers to any and all activities related to the collection, storage, analysis, transfer, and use of any personal data collected about a particular data subject for whatever purpose the party doing the processing may have.
Here’s an article from Talend you can check on data processing.