t]DSRs (also known as DSARs or even SARs, depending where in the world you are) are a core competence for any business wishing to be compliant with GDPR or the CCPA. They are a key piece of data privacy activity, and getting them right can pose a significant challenge for businesses of all kinds.
Most simply, a DSR is when a consumer requests access or modification to the data that a business holds on them. There are a few different types of DSRs, and the ones that businesses are required to process vary by region. Check out the table below for a quick primer:
Types of Data Subject Requests by Region
|Type of request||Details||Required by CCPA?||Required by GDPR?|
|Access request||A request to view the data the business holds on an individual.|
|Rectification request||A request to make a modification of the data a business holds on the individual|
|Erasure request||A request to scrub all the data a business holds on the individual|
|“Do Not Sell My Info” request||A request to exclude all data for a given individual from sale to third parties.|
Data Subject Requests form the core of a robust privacy operation for any business. But how do consumers feel about the value of this access? Do DSRs help them trust a business more? Below, you can check out Ethyca CEO Cillian Kieran and University of Zurich Marketing & Privacy Expert Anne Scherer in conversation about the role of DSRs in boosting consumer perception.