Which regulations reference Data Subject Rights (DSR)?

Data Subject Rights (DSR) is referenced in or relevant to: gdpr, ccpa-cpra, dpdpa, lgpd.

Compliance

What is Data Subject Rights (DSR)?

Data Subject Rights are the legal rights granted to individuals under data protection laws, enabling them to control how their personal data is collected, used, stored, and shared by organizations.

Data Subject Rights (DSR) refer to the collection of rights that privacy regulations grant to individuals regarding their personal data. Under the GDPR, these include the right of access (Article 15), right to rectification (Article 16), right to erasure (Article 17), right to restriction of processing (Article 18), right to data portability (Article 20), right to object (Article 21), and rights related to automated decision-making and profiling (Article 22).

The CCPA/CPRA grants California residents the right to know, right to delete, right to opt out of sale/sharing, right to correct, and right to limit use of sensitive personal information. India's DPDPA provides Data Principals with the right to information, correction, erasure, grievance redressal, and nomination. Each regulation defines specific procedures and timeframes for organizations to respond to rights requests.

Managing data subject rights requests efficiently requires organizations to quickly locate all relevant personal data, verify the identity of requesters, process requests within regulatory deadlines, and maintain audit trails. IQWorks provides end-to-end DSR management through SearchIQ for finding data subject records, DiscoverIQ for comprehensive data inventory, and ComplyIQ for managing request workflows.

Relevant Regulations

GDPR (General Data Protection Regulation)CCPA/CPRA (California Consumer Privacy Act / California Privacy Rights Act)DPDPA (Digital Personal Data Protection Act)LGPD (Lei Geral de Protecao de Dados)

How IQWorks Helps

SearchIQ

Enterprise Data Search

DiscoverIQ

Know Your Data

ComplyIQ

Privacy Compliance, Simplified

Related Terms

Data Subject Access Request (DSAR)

A Data Subject Access Request is a formal request made by an individual to an organization to obtain confirmation of whether their personal data is being processed and, if so, to receive a copy of that data along with details about how it is used.

Right to Erasure (Right to Be Forgotten)

The right to erasure, also known as the right to be forgotten, allows individuals to request that organizations delete their personal data when it is no longer necessary, consent is withdrawn, or processing is unlawful.

Right of Access

The right of access grants individuals the ability to obtain from an organization confirmation of whether their personal data is being processed and to receive a copy of that data along with key details about the processing.

Right to Rectification

The right to rectification allows individuals to request that an organization correct inaccurate personal data or complete incomplete personal data held about them.

Right to Data Portability

The right to data portability allows individuals to receive their personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another organization.

Explore More Terms

Browse our complete data protection glossary with 107+ terms.

View Full Glossary