Which regulations reference Right of Access?

Right of Access is referenced in or relevant to: gdpr, ccpa-cpra, dpdpa, lgpd.

Compliance

What is Right of Access?

The right of access grants individuals the ability to obtain from an organization confirmation of whether their personal data is being processed and to receive a copy of that data along with key details about the processing.

The right of access is one of the most commonly exercised data subject rights, established under Article 15 of the GDPR. It grants individuals the right to obtain confirmation from a data controller as to whether their personal data is being processed and, if so, to access the personal data along with information about the purposes of processing, the categories of data, the recipients, the retention period, and the source of the data.

This right exists in various forms across global privacy laws. Under the CCPA/CPRA, it manifests as the right to know, allowing consumers to request that businesses disclose the categories and specific pieces of personal information collected. Under the DPDPA, Data Principals have the right to obtain a summary of personal data being processed. Response timeframes vary by jurisdiction, from one month under the GDPR to 45 days under the CCPA.

Organizations must implement robust processes to verify requester identity, search across all data repositories, compile responsive data, and deliver it within the required timeframe. SearchIQ enables rapid cross-system searches for data subject information, while DiscoverIQ ensures no data stores are overlooked in the fulfillment process.

Relevant Regulations

GDPR (General Data Protection Regulation)CCPA/CPRA (California Consumer Privacy Act / California Privacy Rights Act)DPDPA (Digital Personal Data Protection Act)LGPD (Lei Geral de Protecao de Dados)

How IQWorks Helps

SearchIQ

Enterprise Data Search

DiscoverIQ

Know Your Data

ComplyIQ

Privacy Compliance, Simplified

Related Terms

Data Subject Access Request (DSAR)

A Data Subject Access Request is a formal request made by an individual to an organization to obtain confirmation of whether their personal data is being processed and, if so, to receive a copy of that data along with details about how it is used.

Data Subject Rights (DSR)

Data Subject Rights are the legal rights granted to individuals under data protection laws, enabling them to control how their personal data is collected, used, stored, and shared by organizations.

GDPR Article 15 (Right of Access)

GDPR Article 15 grants data subjects the right to obtain confirmation of whether their personal data is being processed and, if so, access to that data along with specific information about the processing.

Right to Data Portability

The right to data portability allows individuals to receive their personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another organization.

Data Discovery

Data discovery is the automated process of identifying and cataloging personal data across an organization technology landscape, including databases, file systems, cloud storage, and SaaS applications.

Explore More Terms

Browse our complete data protection glossary with 107+ terms.

View Full Glossary