About this guide

The purpose of this guide is to define the actors, roles, and case creation for the General Data Protection Regulations (GDPR).

Individuals have the right to retrieve, update, anonymize, stop processing, and delete their personal data that an organization has collected, held, or processed. An individual in the organization or an external user, known as the data subject, makes a formal request to act on personal data. The GDPR officer creates a Data Subject Request (DSR) case to retrieve the personal data and then reviews and processes the claim.