Data Subject Requests (DSRs)
DSRs (also known as DSARs or even SARs, depending where in the world you are) are a core competence for any business wishing to be compliant with GDPR or the CCPA. They are a key piece of data privacy activity, and getting them right can pose a significant challenge for businesses of all kinds.
t]DSRs (also known as DSARs or even SARs, depending where in the world you are) are a core competence for any business wishing to be compliant with GDPR or the CCPA. They are a key piece of data privacy activity, and getting them right can pose a significant challenge for businesses of all kinds.
Most simply, a DSR is when a consumer requests access or modification to the data that a business holds on them. There are a few different types of DSRs, and the ones that businesses are required to process vary by region. Check out the table below for a quick primer:
Types of Data Subject Requests by Region
| Type of request | Details | Required by CCPA? | Required by GDPR? |
| Access request | A request to view the data the business holds on an individual. | ||
| Rectification request | A request to make a modification of the data a business holds on the individual | ||
| Erasure request | A request to scrub all the data a business holds on the individual | ||
| “Do Not Sell My Info” request | A request to exclude all data for a given individual from sale to third parties. |
Data Subject Requests form the core of a robust privacy operation for any business. But how do consumers feel about the value of this access? Do DSRs help them trust a business more? Below, you can check out Ethyca CEO Cillian Kieran and University of Zurich Marketing & Privacy Expert Anne Scherer in conversation about the role of DSRs in boosting consumer perception.
Ethyca Team
How Do Software Engineers Feel About Data Privacy?
Read MoreAt Ethyca, we believe that software engineers are becoming major privacy stakeholders, but do they feel the same way? To answer this question, we went out and asked 337 software engineers what they think about the state of contemporary privacy… and how they would improve it.
Convenience Is Not The End-Goal Of Privacy Legislation—In The UK Or Anywhere
Read MoreThe UK’s new Data Reform Bill is set to ease data privacy compliance burdens on businesses to enable convenience and spark innovation in the country. We explain why convenience should not be the end result of a country’s privacy legislation.
Seen And Heard At PEPR 2022
Read MoreOur team at Ethyca attended the PEPR 2022 Conference in Santa Monica live and virtually between June 23rd and 24th. We compiled three main takeaways after listening to so many great presentations about the current state of privacy engineering, and how the field will change in the future.
Devtools for Data Privacy — Step 1: Privacy Taxonomy V1.0
Read MoreFor privacy engineers to build privacy directly into the codebase, they need agreed-upon definitions for translating policy into code. Ethyca CEO Cillian unveils an open source system to standardize definitions for personal data living in the tech stack.
Custom Masking Strategies In Fides
Read MoreMasking data is an essential part of modern privacy engineering. We highlight a handful of masking strategies made possible with the Fides open-source platform, and we explain the difference between key terms: pseudonymization and anonymization.
Parsing The ADPPA Draft From The Privacy-As-Code Perspective
Read MoreThe American Data Privacy and Protection Act is gaining attention as one of the most promising federal privacy bills in recent history. We highlight some of the key provisions with an emphasis on their relationship to privacy engineering.
Ready to get started?
Our team of data privacy devotees would love to show you how Ethyca helps engineers deploy CCPA, GDPR, and LGPD privacy compliance deep into business systems. Let’s chat!
Book a Demo