The Danish Data Protection Agency recently issued new guidelines on data subjects’ rights, e.g. offering guidance on employers’ compliance with employees’ right of access.
The General Data Protection Regulation is fast approaching. The Danish Data Protection Agency has now issued guidelines on data subjects’ rights.
Pursuant to the GDPR, data subjects have a wide range of rights which, as a starting point, must be respected by the data controller such as the right to be informed, the right to erasure and the right to object in relation to personal data. The guidelines describe a number of procedural requirements which the data controller must always bear in mind to ensure compliance with the data subjects’ rights.
With regard to employers, the guidance e.g. establishes that the employer cannot comply with an employee’s right of access in relation to employee data processed by the employer simply by informing the employee of where the data can be found. The employer must provide a copy of the specific information processed.
You can read the guidelines here (in Danish).
The content of the above is not, and should not be a substitute for legal advice.