This code of practice explains the rights of individuals to access their personal data. It also clarifies what you must do in this regard to comply with your duties as a data controller. These rights and duties are set out in sections 7–9A of the Data Protection Act 1998 (DPA) and are often referred to as ‘the right of subject access’, a phrase this code also uses. The code refers to a request made under section 7 of the DPA as a ‘subject access request’ (SAR).
MEPs want to enhance customers’ control over their financial data
MEPs propose new rules for access to financial data in the EU to enhance customer control and innovation in financial […]