Difference between revisions of "Template:MailtoAccess"

From Wikibase Personal data
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)

Latest revision as of 15:53, 27 January 2020

?subject=Subject%20Access%20Request%20to&body=Dear%20%2C%0A%0AThis%20is%20a%20transparency%20request%20under%20the%20General%20Data%20Protection%20Regulation%2C%20including%20a%20subject%20access%20request%2C%20a%20portability%20request%2C%20and%20other%20specific%20provisions.%20%2A%2APlease%20note%20that%20it%20is%20not%20legal%20to%20require%20data%20subjects%20to%20use%20an%20%20in-house%20form%2A%2A.%20%28see%20for%20instance%20UK%20Information%20Commissioner%E2%80%99s%20Office%2C%20%E2%80%98Subject%20Access%20Code%20of%20Practice%E2%80%99%20%289%20June%202017%29%20p%2013%3B%20Information%20Commissioner%E2%80%99s%20Office%2C%20%E2%80%98Guide%20to%20the%20GDPR%3A%20Right%20to%20access%E2%80%99%20%2822%20May%202019%29%2C%20stating%20that%20%27even%20if%20you%20have%20a%20form%2C%20you%20should%20note%20that%20a%20subject%20access%20request%20is%20valid%20if%20it%20is%20submitted%20by%20any%20means%2C%20so%20you%20will%20still%20need%20to%20comply%20with%20any%20requests%20you%20receive%20in%20a%20letter%2C%20a%20standard%20email%20or%20verbally%20%5B..%5D%20although%20you%20may%20invite%20individuals%20to%20use%20a%20form%2C%20you%20must%20make%20it%20clear%20that%20it%20is%20not%20compulsory%27%29%0A%0AI%20would%20like%20to%20request%20a%20copy%20of%20all%20my%20personal%20data%20held%20and%2For%20undergoing%20processing.%20This%20is%20both%20a%20subject%20access%20request%20and%20a%20portability%20request.%0A%0ACopies%20of%20my%20personal%20data%0A%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%0AThis%20request%20covers%20all%20my%20personal%20data%20%0A%0AArticle%2020%0A----------%0AFor%20data%20falling%20within%20the%20right%20to%20data%20portability%20%28GDPR%2C%20art%2020%29%2C%20which%20includes%20all%20data%20I%20have%20provided%20%2Aand%2A%20which%20have%20been%20indirectly%20observed%20about%20me%20%28Article%2029%20Working%20Party%2C%20%2AGuidelines%20on%20the%20Right%20to%20Data%20Portability%20%28WP%20242%29%2A%2C%2013%20December%202016%2C%208%29%20and%20where%20lawful%20bases%20for%20processing%20include%20consent%20or%20contract%2C%20I%20wish%20to%20have%20that%20data%3A%0A%0A-%20%20%20%2A%2Asent%20to%20me%20in%20commonly%20used%2C%20structured%2C%20machine-readable%20format%2A%2A%2C%20such%20as%20a%20CSV%20file.%20A%20PDF%20is%20not%20a%20machine-readable%20format%20%28Article%2029%20Working%20Party%2C%20%E2%80%98Guidelines%20on%20Transparency%20under%20Regulation%202016%2F679%E2%80%99%20WP260%20rev.01%2C%2011%20April%202018%29.%0A%0A-%20%20%20accompanied%20with%20an%20%2A%2Aintelligible%20description%20of%20all%20variables.%2A%2A%0A%0AArticle%2015%0A----------%0AFor%20all%20personal%20data%20not%20falling%20within%20portability%2C%20I%20would%20like%20to%20request%2C%20under%20the%20right%20to%20access%20%28GDPR%2C%20art%2015%29%3A%0A%0A-%20%20%20%2A%2Aa%20copy%20sent%20to%20me%20in%20electronic%20format%2A%2A.%20This%20includes%20any%20data%20derived%20about%20me%2C%20such%20as%20opinions%2C%20inferences%2C%20settings%20and%20preferences.%20%28Note%20that%20opinions%2C%20inferences%20and%20the%20like%20are%20considered%20personal%20data.%20See%20Case%20C%E2%80%91434%2F16%20%2APeter%20Nowak%20v%20Data%20Protection%20Commissioner%2A%20%5B2017%5D%20ECLI%3AEU%3AC%3A2017%3A994%2C%2034.%29%20%20For%20data%20that%20is%20available%20to%20the%20controller%20in%20machine%20readable%20format%2C%20it%20must%20be%20provided%20to%20me%20in%20that%20form%20in%20accordance%20with%20the%20principle%20of%20fairness%20and%20provision%20of%20data%20protection%20by%20design.%0A%0AIf%20your%20organisation%20considers%20me%20a%20controller%20for%20whom%20you%20process%0A-------------------------------------------------------------------%0AFurthermore%2C%20if%20your%20business%20considers%20me%20the%20controller%20of%20any%20personal%20data%20for%20which%20your%20business%20acts%20as%20processor%2C%20please%20provide%20me%20%2A%2Awith%20all%20the%20data%20you%20process%20on%20my%20behalf%20in%20machine%20readable%20format%2A%2A%20in%20accordance%20with%20your%20obligation%20to%20respect%20my%20to%20determination%20of%20the%20means%20and%20purposes%20of%20processing.%0A%0A%0AMetadata%20on%20processing%0A%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%0AThis%20request%20also%20includes%20the%20metadata%20I%20am%20entitled%20to%20under%20the%20GDPR.%0A%0AInformation%20on%20controllers%2C%20processors%2C%20source%20and%20transfers%0A------------------------------------------------------------%0A%0A-%20The%20%2A%2Aidentity%20of%20all%20joint%20controllers%2A%2A%20of%20my%20personal%20data%2C%20as%20well%20as%20the%20essence%20of%20you%20contracts%20with%20them%20%28Article%2026%29.%0A%0A%0A-%20Any%20%2A%2Athird%20parties%20to%20whom%20data%20has%20been%20disclosed%2A%2A%2C%20named%20with%20contact%20details%20in%20accordance%20with%20Article%2015%281%29%28c%29.%20Please%20note%20that%20the%20European%20data%20protection%20regulators%20have%20stated%20that%20by%20default%2C%20controllers%20should%20name%20precise%20recipients%20and%20not%20%22categories%22%20of%20recipients.%20If%20they%20do%20choose%20to%20name%20categories%2C%20they%20must%20justify%20why%20this%20is%20fair%2C%20and%20be%20specific%2C%20naming%20%22the%20type%20of%20recipient%20%28i.e.%20by%20reference%20to%20the%20activities%20it%20carries%20out%29%2C%20the%20industry%2C%20sector%20and%20sub-sector%20and%20the%20location%20of%20the%20recipients.%20%28%20Article%2029%20Working%20Party%2C%20%E2%80%98Guidelines%20on%20Transparency%20under%20Regulation%202016%2F679%E2%80%99%20WP260%20rev.01%2C%2011%20April%202018%20%29%20Please%20note%20that%20in%20the%20case%20of%20any%20transferred%20data%20processed%20on%20the%20basis%20of%20consent%2C%20there%20is%20no%20option%20to%20just%20name%20categories%20of%20recipients%20without%20invalidating%20that%20legal%20basis%20%28Article%2029%20Working%20Party%2C%20%E2%80%98Guidelines%20on%20Consent%20under%20Regulation%202016%2F679%E2%80%99%20%28WP259%20rev.01%2C%2010%20April%202018%29%2013%29.%0A%0A-%20If%20any%20data%20was%20not%20collected%2C%20observed%20or%20inferred%20from%20me%20directly%2C%20please%20provide%20precise%20information%20about%20%2A%2Athe%20source%20of%20that%20data%2A%2A%2C%20including%20the%20name%20and%20contact%20email%20of%20the%20data%20controller%28s%29%20in%20question%20%28%22from%20which%20source%20the%20personal%20data%20originate%22%2C%20Article%2014%282%29%28f%29%2F15%281%29%28g%29%29.%0A%0A-%20Please%20confirm%20where%20my%20personal%20data%20is%20physically%20stored%20%28including%20backups%29%20and%20at%20the%20very%20least%20%2A%2Awhether%20it%20has%20exited%20the%20EU%20at%20any%20stage%20%28if%20so%2C%20please%20also%20detail%20the%20legal%20grounds%20and%20safeguards%20for%20such%20data%20transfers%29%2A%2A.%0A%0AInformation%20on%20purposes%20and%20legal%20basis%0A---------------------------------------%0A%0A-%20All%20%2A%2Aprocessing%20purposes%20and%20the%20lawful%20basis%20for%20those%20purposes%20by%20category%20of%20personal%20data%2A%2A.%20This%20list%20must%20be%20broken%20down%20by%20purpose%2C%20lawful%20basis%20aligned%20to%20purposes%2C%20and%20categories%20of%20data%20concerned%20aligned%20to%20purposes%20and%20lawful%20bases.%20Separate%20lists%20where%20these%20three%20factors%20do%20not%20correspond%20are%20not%20acceptable%20%28Article%2029%20Working%20Party%2C%20%E2%80%98Guidelines%20on%20Transparency%20under%20Regulation%202016%2F679%E2%80%99%20%28WP260%20rev.01%2C%2011%20April%202018%29%2C%20page%2035.%0A%29.%20A%20table%20may%20be%20the%20best%20way%20to%20display%20this%20information.%0A%0A-%20The%20%2A%2Aspecified%20legitimate%20interest%2A%2A%20where%20legitimate%20interest%20is%20relied%20upon%20%28Article%2014%282%29%28b%29%29.%0A%0AInformation%20on%20automated%20decision-making%20%0A----------------------------------------%0A-%20Please%20confirm%20whether%20or%20not%20you%20make%20any%20automated%20decisions%20%28within%20the%20meaning%20of%20Article%2022%2C%20GDPR%29.%20If%20the%20answer%20is%20yes%2C%20please%20provide%20meaningful%20information%20about%20the%20logic%20involved%2C%20as%20well%20as%20the%20significance%20and%20the%20envisaged%20consequences%20of%20such%20processing%20for%20me.%20%28Article%2015%281%29%28h%29%29%0A%0AInformation%20on%20storage%0A----------------------%0A-%20Please%20confirm%20for%20how%20long%20each%20category%20of%20personal%20data%20is%20stored%2C%20or%20the%20criteria%20used%20to%20make%20this%20decision%2C%20in%20accordance%20with%20the%20storage%20limitation%20principle%20and%20Article%2015%281%29%28d%29.%0A%0A%0A%0A%0AIf%20you%20do%20not%20normally%20deal%20with%20these%20requests%2C%20please%20pass%20this%20email%20to%20your%20Data%20Protection%20Officer.%20If%20you%20need%20advice%20on%20dealing%20with%20this%20request%2C%20any%20European%20Data%20Protection%20Authority%20should%20be%20able%20to%20provide%20you%20with%20assistance.%20%0A%0AIn%20accordance%20with%20the%20law%2C%20I%20look%20forward%20to%20hearing%20from%20you%20within%20one%20month%20of%20receipt.%0A%0ARegards%2C%0A%0A%3C%3C%20FIRST_NAME%20LAST_NAME%20%3E%3E