Can People Access Personal Data Files and Supplementary Information?

According to the General Data Protection Regulations (GDPR), soon to be implemented in all European Union Member States, every EU citizen — no matter where in the world they is residing — has the right to access his personal data file and any supplementary information attached to it.

The owner of the data may make this request so that they may re-purpose the information when applying for employment or any other stated or unstated reason. They may also ask to have it transferred so that he can remove it from the institution presently storing it. His intent might also be to ensure the file is accurate.

That said there are some restrictions: These apply to transfer of data outside the EU to other countries or international businesses, institutions or organizations. The purpose of the restrictions is to protect the individual’s data and to safeguard his information. Chapter V of the GDPR outlines restrictions for transferring personal data files outside the EU.

It must be deemed that the country where the file is to be transferred provides an adequate protection of the file and the data within it. The receiving institution or company must provide adequate safety measures for the data it is receiving.

There must be a written agreement between the two institutions.

What May an Individual Request to be transferred under the GDPR?

An individual may request the complete contents of his personal data file. They may also request corresponding information outlined under Article 15.

Compliance to Request for Transfer under GDPR

Businesses and organisations and institutions must comply with this written or oral request in less than a month from the issue of the request.

Transfer must occur electronically and no fee may be charged.