Personal data protection /

How are data controllers implementing the right of access? The GDPR National Survey is underway

In 2024, actions are being undertaken within the framework of coordinated law enforcement in accordance with the GDPR. This year’s initiative focuses on assessing the implementation of data access rights by data controllers.

The objective of the coordinated law enforcement framework is to determine how the right of access to data is being implemented in individual member states. At the EU level, the European Data Protection Board (EDPB) will compile coordinated analysis results. This will provide deeper insights into the issue and enable targeted follow-up actions at the EU level.

This year's survey focuses on the GDPR-mandated right of access to data. Participation is voluntary and anonymous.

What is the method and scope of the survey?

Actions are conducted at the national level by individual supervisory authorities, who have prepared a joint survey. All data controllers are invited to complete the survey. Participation in the survey is voluntary and, according to the supervisory authorities, anonymous.

This year’s survey focuses on the GDPR-mandated right of access to data. The European Data Protection Board (EDPB) selected this topic because it is one of the core issues of data protection and one of the most frequently exercised rights, which generates numerous complaints to data protection authorities.

What is the Scope of the Survey?

The survey defines:

  • the profile of the data controller (form, scale, scope of activity),
  • the range of personal data processed, and
  • the practices used in exercising the right of access to personal data.

It also covers the familiarity of data controllers with the EDPB Guidelines 01/2022 (version 2.0 adopted on March 28, 2023) concerning the rights of data subjects and their potential impact on changes in practices for processing access requests by data controllers.

You can complete the survey here.

The protection of data subjects’ right mandates meticulous analysis by data controllers during the design stage processes.

GDPR and Data Subject Rights: Why Knowing and Protecting These Rights Matters?

The protection of the rights of data subjects is a cornerstone of the data protection system established by the GDPR. The growing awareness of these rights among data subjects necessitates thorough analysis and careful handling by data controllers. Ideally, these measures should be incorporated at the design stage of processes, following the principle of privacy by design.

Our team of specialists supports data controllers in fulfilling the rights of data subjects, including handling requests related to the right of access to data. If you need assistance in this area, contact us at [email protected].

Author team leader DKP Legal Alicja Mruczkiewicz
Contact our expert
Write an inquiry: [email protected]
check full info of team member: Alicja Mruczkiewicz

Contact us

Flaga Polski.POZNANPOLAND
Młyńska 16
61-730 Poznań
+48 61 853 56 48[email protected]
Flaga Polski.WARSAWPOLAND
Rondo ONZ 1
00-124 Warsaw
+48 22 300 16 74[email protected]
Flaga Polski.WROCLAWPOLAND
Swobodna 1
50-088 Wrocław
+48 61 853 56 48[email protected]
Flaga Polski.KRAKOWPOLAND
Opolska 110
31-355 Kraków
+48 61 853 56 48[email protected]
Flaga Polski.ZIELONA GÓRAPOLAND
Jana Sobieskiego 2/3
65-071 Zielona Góra
+48 61 853 56 48[email protected]