Right of Rectification
What is Right of Rectification?
Right of RectificationThe GDPR right of a data subject to obtain from the controller, without undue delay, the correction of inaccurate or incomplete personal data concerning them.
The right of rectification is established in Article 16 of the European Union General Data Protection Regulation (GDPR). It gives any data subject the right to obtain from the data controller, without undue delay, the correction of inaccurate personal data concerning them and the completion of incomplete data, including by providing a supplementary statement. Controllers must respond within one month, extendable by two additional months for complex requests, and must communicate corrections to each recipient with whom the data has been shared. The right also implies a controller obligation to maintain accuracy under the data-quality principle of Article 5 and to demonstrate compliance under accountability.
● Examples
- 01
A customer asks an online bank to correct a typo in their billing address after receiving a misdirected statement.
- 02
An HR system updates an employee's surname after a court-issued name change is provided.
● Frequently asked questions
What is Right of Rectification?
The GDPR right of a data subject to obtain from the controller, without undue delay, the correction of inaccurate or incomplete personal data concerning them. It belongs to the Privacy & Data Protection category of cybersecurity.
What does Right of Rectification mean?
The GDPR right of a data subject to obtain from the controller, without undue delay, the correction of inaccurate or incomplete personal data concerning them.
How does Right of Rectification work?
The right of rectification is established in Article 16 of the European Union General Data Protection Regulation (GDPR). It gives any data subject the right to obtain from the data controller, without undue delay, the correction of inaccurate personal data concerning them and the completion of incomplete data, including by providing a supplementary statement. Controllers must respond within one month, extendable by two additional months for complex requests, and must communicate corrections to each recipient with whom the data has been shared. The right also implies a controller obligation to maintain accuracy under the data-quality principle of Article 5 and to demonstrate compliance under accountability.
How do you defend against Right of Rectification?
Defences for Right of Rectification typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Right of Rectification?
Common alternative names include: GDPR Article 16, Right to rectification.
● Related terms
- privacy№ 930
Right of Data Portability
The GDPR right of a data subject to receive their personal data in a structured, commonly used, machine-readable format and transmit it to another controller.
- privacy№ 932
Right to Be Forgotten
The right of an individual to obtain the erasure of personal data concerning them when there is no overriding legal reason to keep processing it, under GDPR Article 17.
- compliance№ 440
GDPR
The European Union's General Data Protection Regulation governing the processing of personal data of individuals in the EU and EEA.