How to comply with GDPR Right of Access Article 15

In accordance with the GDPR legislation, all data subjects have the right to obtain confirmation as to whether or not personal data concerning them are being processed, and where that is the case, access to the personal data together with additional information regarding use and storage. This is covered by the "Right to access" and described in Article 15. In short this means that any user can request a copy of their processed personal data and other supplementary information upon request.

This information should be provided in a standardized electronic form and include the following information:

1. A copy of the personal data undergoing processing
2. Purpose of processing
   • In particular, if automated decision-making or profiling occurs, and if so, the logic involved, significance, and likely consequences of such processing.
3. Categories of data processed (e.g., name, address, online browsing behavior)
4. Any third-party recipients of this personal data, both backward or forward-looking, especially recipients in third countries (i.e., countries outside of the EU)
5. What safeguards are in place to protect the data being transferred
6. Any third-party sources of the data subject’s personal data (i.e., not collected from the data subject directly, for instance, by purchasing said data from another source that previously collected the data directly)
7. How long such personal data would be stored, or if that’s not determinable, how the length of this period would be determined

Where the data subject makes the request by electronic means, and unless otherwise requested by the data subject, the information shall be provided in a commonly used electronic form.

For a copy of your data, contact Fotoware Support.