Right of access
Home » Social networks » Data subjects rights » Right of access

Article 12(a) provides that data subjects have the right to obtain from the controller confirmation as to whether or not personal data concerning them are being processed, and, where that is the case, access to the personal data (see the “Right of access” subsection in the “ Data Subject Rights” section of the General Part of these Guidelines). In a nutshell, the data subject has the right to obtain from the controller information on (1) the personal data stored as well as their categories, (2) the source and the recipients of personal data to whom the data is disclosed, (3) knowledge of the logic involved in automatic processing of data concerning the data subject, and (4) the purpose of processing personal data. The whole requirement is included in article 15 GDPR. This right is particularly important in the case of data gathered from social networks since data subjects are usually unaware of the existence of such data. Furthermore, inferred data might be created by the controller and these data might be of particular interest for the data subject. Thus, controllers shall ensure that they have implemented adequate tools to satisfy the data subjects’ requirement according to the precisions included by the GDPR.


Skip to content