������Ƶ

A Subject Access Request is your legal right to ask any organization about the personal data they hold about you. Under Danish data protection law and the GDPR, you can request copies of your information, learn how it's being used, and find out who has access to it.

Organizations in Denmark must respond within 30 days, providing you with a clear overview of your stored data. This powerful privacy tool helps you understand and control your personal information - from basic details like your name and address to more complex data like customer profiles or employee records. The request can be made verbally or in writing, and companies can't charge a fee except in special cases.

Use a Subject Access Request when you need to understand exactly what personal information Danish organizations have about you. Common situations include applying for jobs (to see your references or assessments), dealing with credit issues (to check financial records), or investigating suspected discrimination or unfair treatment where your personal data might be relevant.

It's particularly valuable before taking legal action, when moving between service providers, or if you spot inaccurate information about yourself. For example, if a company keeps sending mail to an old address despite your updates, or if you need to verify what health data your medical provider maintains. The request helps you gather evidence and ensure organizations handle your information correctly under Danish law.

• Basic written request: The standard format sent via email or letter, asking for all personal data an organization holds about you under Danish law.
• Digital platform request: Submitted through a company's online portal or form system, often used with large service providers or tech companies.
• Specific data request: A focused version asking for particular categories of data, like employment records or medical information.
• Third-party request: Made by an authorized representative (like a lawyer) on your behalf, requiring proof of authorization under Danish requirements.
• Urgent request: Used when standard 30-day response times need to be shortened due to pressing legal or personal circumstances.

• Data Subjects: Any individual in Denmark can submit a Subject Access Request to view their personal data - including customers, employees, patients, and students.
• Data Protection Officers: Handle and coordinate responses to requests within organizations, ensuring compliance with Danish data protection laws.
• Legal Representatives: Lawyers or advisors who help individuals draft requests or challenge inadequate responses.
• Company Compliance Teams: Process requests, gather relevant data, and ensure timely responses within the 30-day deadline.
• Data Controllers: Organizations that hold personal data, from businesses and government agencies to healthcare providers and schools.

• Personal Details: Gather your full name, current address, and any relevant ID numbers or account references used by the organization.
• Organization Information: Identify the correct legal entity and their data protection contact details in Denmark.
• Data Scope: Specify exactly what personal information you're seeking - be precise about time periods and categories of data.
• Proof of Identity: Prepare copies of your passport, driving license, or other official Danish ID to verify your identity.
• Format Preference: Decide how you want to receive the information - electronic copy, paper copy, or in-person viewing.
• Documentation: Keep copies of all correspondence and note important dates for follow-up.

• Identity Verification: Clear statement of who you are and proof of identity that meets Danish data protection standards.
• Request Scope: Specific description of the personal data you're requesting access to.
• Time Period: Clear indication of the relevant timeframe for the requested information.
• Response Format: Statement of how you want to receive the information (digital/physical).
• Legal Rights Reference: Mention of your rights under Danish data protection law and GDPR Article 15.
• Response Timeline: Reference to the 30-day response requirement under Danish law.
• Contact Details: Your current contact information for receiving the response.

A Subject Access Request differs significantly from an Authorization Form, though both deal with personal data handling. While they might seem similar at first glance, their purposes and legal implications are quite distinct under Danish law.

• Purpose and Scope: Subject Access Requests specifically demand access to personal data an organization holds about you, while Authorization Forms grant permission for organizations to collect, use, or share your data in specific ways.
• Legal Framework: Subject Access Requests are a fundamental right under GDPR and Danish data protection law, with mandatory response timelines. Authorization Forms are voluntary agreements that set terms for future data handling.
• Response Requirements: Organizations must respond to Subject Access Requests within 30 days, providing comprehensive data access. Authorization Forms have no mandatory response timeline and typically remain valid until revoked.
• Direction of Control: Subject Access Requests put you in control of accessing existing data, while Authorization Forms give organizations permission to process your data going forward.